Solved

Recipient email address is possibly incorrect on antispam gateway

Posted on 2016-09-14
12
145 Views
Last Modified: 2016-09-18
Hi,

A sender always encounters problem on

This is a delivery failure notification message indicating that an email you addressed to email address :
--xxxx@xxxxxx.com

could not be delivered. The problem appears to be :
-- Recipient email address is possibly incorrect

Additional information follows :
-- Transaction failed

Any idea ?
-------------------------------------------------------------------------------

as1 postfix/smtpd[27122]: warning: TLS library problem: 27122:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:s3_pkt.c:1472:SSL alert number 46:

as1 postfix/smtpd[29111]: warning: proxy inet:127.0.0.1:10020 rejected "RCPT TO:<xxx@xxxx.com>": "554 Transaction failed"
0
Comment
Question by:AXISHK
  • 5
  • 4
  • 3
12 Comments
 
LVL 9

Expert Comment

by:Tomas Valenta
ID: 41797621
Hi,
from the log it looks like the foreign mail system rejected your message but error message is common mesage.
Can turn on diagnostic log and give me SMTP transaction info for this message, please ?
In this log we can see real smtp To, what type of connection the servers negotiate and also reason of closing
transmission.
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41798440
If your user is anything like my users, they have a bad address in autocomplete, but keep trying to use it... Then they try and blame it on the server...
0
 

Author Comment

by:AXISHK
ID: 41799145
On exchange smtp receive log, there is no entry for those missing emails.

On our Antispam gateway, only the following is logged.
"as1 postfix/smtpd[29111]: warning: proxy inet:127.0.0.1:10020 rejected "RCPT TO:<xxx@xxxx.com>": "554 Transaction failed"

Can Exchange smtp log can record all incoming connection, not match it is success or fail ?

Thx
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 9

Expert Comment

by:Tomas Valenta
ID: 41799221
SO as I understand now you have internal Exchange server which deliver messages to your mail gateway.
The error message is on this mail gateway and the flow of the message is Exchange server -> mail gateway -> foreign system.
On mail gateway the system is receiving message from Exchange on some port, then internal flow on mail gateway
between smtp server and antispam engine and than final delivery out. It looks like (based on port 127.0.0.1 which is local loopback address) the problem could be internal in mail gateway.
Turn on diagnostics logging of SMTP server in Exchange - http://exchangepedia.com/2007/05/exchange-server-2007-logging-smtp-protocol-activity.html to be sure the e-mail address and other part of transmission are OK.
Next step will depend on result - Exchange server issue or mail gateway issue.
0
 

Author Comment

by:AXISHK
ID: 41799231
The problem is on the incoming emails.

Sender -> Anti-spam gateway --> Exchange 2010

SMTP log for receiving has been turned on. However, missing emails can be shown on the log.

Thx
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41800000
Does your gateway have some sort of user verification?
Mine uses LDAP to look up users before passing on the mail... Could yours have a manually created list that isn't getting updated? Or one created by a cron job that is failing to update?
0
 

Author Comment

by:AXISHK
ID: 41800037
No such setup.

Actually, can LDAP vertify incoming sender from public internet ? Only sender with my home domain should check LDAP, Otherwise, it shoudln't or it will block other domains to pass through, correct ?

Thx
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41800530
Actually there are filters that do "callback" verification, but it is a depreciated practice if I remember correctly.

Also some filters will verify if a senders domain has a valid MX address, some will verify other aspects of the sender.

So these are messages coming into your organization, and getting stopped at the filter? Or they make it to the exchange server and then disappear?
0
 

Author Comment

by:AXISHK
ID: 41800799
Bypass the gateway and all mails can deliver to Exchange within missing. Already reported to vendor but seem like it takes time to resolve...  They are still investigating.

Is there any apps that can accept mails and a decision to route to diferent hop based on email domain ? They may be a quick temporary solutoin.

Thx
0
 
LVL 9

Expert Comment

by:Tomas Valenta
ID: 41801061
OK, it is possible to turn on temporary debug logging on IMSVA (Logs\Settings - Log Files - Application log detail level - DEBUG)
and ask your partner to send the same problematic message again, please ?
0
 

Author Comment

by:AXISHK
ID: 41801186
The setting was setup to DEBUG.

How to get the log for investigation ?

Thx
0
 
LVL 9

Accepted Solution

by:
Tomas Valenta earned 500 total points
ID: 41801212
the log files are stored in /opt/trend/imss/log.
Go to the Logs\Query in IMSVA console and here try at first Message tracking type
and type query and result you can export to the csv file. In Admin guide on page 25-5
you can find examples of queries.
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question