Solved

email with attachment from certain domains is refused delivery

Posted on 2013-12-11
9
322 Views
Last Modified: 2014-03-25
Greetings.  We have in place a Barracuda 400.  A few months ago, emails with attachments larger than 1 or 2mb, from just two domains, are refused and eventually returned to the sender.  If either of these domains send an email with no attachment, or smaller attachments, the message will be delivered.  There is nothing in the logs on the Barracuda to indicate a problem.  The message is not Blocked or Quarantined.  Both the sender and I have tried to figure out the problem and have come up with nothing.  My last resort is to try and monitor the connection from the logs on our Firewall, which I'll be trying soon.  In the meantime, has anyone come across this before?
0
Comment
Question by:rsl-nsg
  • 6
  • 2
9 Comments
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39713791
When the messages are refused are they even reaching the Mail Server at all?

Did you checked the mail server also if there is anything there about those messages?

Sudeep
0
 

Author Comment

by:rsl-nsg
ID: 39714463
No, they do not appear to be reaching the Exchange server.  I have checked the mail and do not find any reference to the messages sent.  I will try to find a copy of the NDR they receive and attach it to my question.

Thank you
0
 
LVL 3

Expert Comment

by:jrlingam
ID: 39723314
Hi

1. Is there any mail gateway device located between the 2 domains. If yes, then please check the same.

2. What is the maximum message size for external emails that is set up in the sender domain. In my experience, most of these issues will be because the mail has crossed the maximum permissible size.

Also please provide us the NDR if any received by the sender.
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:rsl-nsg
ID: 39724081
Thank you for your reply.

1. There is not a gateway on our end.  The sender has a similar SPAM/Anti-Virus appliance we use that their email passess through before transmitting to a recipient.  

2. I'm not sure of their max size, however the same email that does not make it to a recipient in our domain is successfully delivered to my personal email account and another business account I have.  This appears to point to a problem at our end, however I'm unable to find the cause.  

I will be testing again with the client this afternoon.  I'm going to monitor the logs on our Firewall in the hopes of seeing what happnes to their initial connection.  The only NDR message they receive is the text I attached to my previous comment.  If you were unable to view that let me know and I'll try to re-attach it.
0
 

Author Comment

by:rsl-nsg
ID: 39768994
Coincidentally, I have learned that the two domains we are experiencing this issue with use Cisco IronPort appliances.  If there are any experts knowledgeble with that appliance perhaps they can come up with some possible causes?  I was able to view their connections through our Firewall, which were reported as successful.  So, the problem does appear to be the connection to our Barracuda SPAM appliance.

Thanks,

Terry
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39771306
As you have mentioned that they are using Cisco Ironport Mail Appliances, so please check on the senderbase is your mail servers IP addresses are listed there.

http://www.senderbase.org

Sudeep
0
 

Author Comment

by:rsl-nsg
ID: 39783392
I do not find our mail server listed on this site.  Thanks Sudeep.

Terry
0
 

Accepted Solution

by:
rsl-nsg earned 0 total points
ID: 39942744
This issue has been resolved.  I had a Fortinet support engineer review the policies on our Firewall.  He found a couple of Public facing policies that had NAT enabled, which he said was not necessary and could cause issues.  We disabled NAT on both policies.  One policy had to do with SMTP traffice to our Exchange server.  The other policy was related to TLS handshake.  I had to re-enable NAT on the policy for our Exchange server because when disabled our remote users were unable to receive email to their hand held devices.  At our next round of testing we started receiving emails with large attachments from the domain in question.  As that was the only change I'm aware of I have to believe this was the solution.

Thanks to all who commented on my question.
0
 

Author Closing Comment

by:rsl-nsg
ID: 39952671
It was the solution to the reported issue.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Thunderbird: Adding a signature to emails 2 53
pop/imap email 32 48
Questions Vulnerability apps and results 3 135
Outlook 2010 not responding when sending email. 4 68
Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Are you irritated by repeating emails issue in Microsoft Outlook 2016 after recent update ?  Lets’ see how to resolve and prevent duplicate emails in the Outlook 2016 using some simple techniques.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question