Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3198
Views
0
Helpful
4
Replies

ESA blocked gmail account due to RFC 5322 compliant

Go to solution
cammy.busto
Level 1
Level 1

‎09-13-2017 08:35 PM - edited ‎03-08-2019 07:24 PM

Hi,

Is anyone can explain why the ESA blocked the outgoing email to gmail? I cannot migrate from old Email Gateway to ESA due to this issue.

 

Here's my setup

1. Only outgoing email for testing, incoming still on existing Email GW.

2. Outgoing: Email Server -> ESA (DMZ) -> Public

 

My testing is from ESA CLI

 

ironport.xxx.com> telnet x.x.x.x 25

Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
220 ironport.x.com ESMTP
helo x.x.x.x
250 ironport.x.com
mail from:test@x.com
250 sender <test@x.com> ok
rcpt to:test@y.com
550 #5.1.0 Address rejected.

 

Appreciate your help!

 

 

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
dmccabej
Cisco Employee
Cisco Employee
In response to cammy.busto

‎09-14-2017 10:29 AM

Hello,

 

Testing from the CLI can be performed for incoming or outgoing behavior, it simply depends on the Listener/Sender Group/Mail Flow Policy you're hitting when the connection has been made.

 

Aside from that, you'll want to add in the friendly To: and From: information with your test, which would be under data.

 

 

telnet x.x.x.x 25
mail from: user1@example.com
rcpt to: user2@example.com
data
From: "User 1" <user1@example.com>
To: "User 2" <user2@example.com>
Subject: Here's a subject.
bleep bloop!
.

Thanks!

-Dennis M.

View solution in original post

0 Helpful

Go to solution
cammy.busto
Level 1
Level 1
In response to dmccabej

‎09-14-2017 09:47 PM

Hi All,

 

Using "diagnostic" from ESA CLI, I can now test my outgoing email.

 

Thanks a lot from your inputs :)

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎09-14-2017 05:00 AM

Hi,

 

It appears the destination IP has a recipient validation in place or the rcpt to provided is not in a RFC compliant format.

 

You can refer to the below articles.

https://gist.github.com/floudet/75f3e089fd400c06abfc491b8098d158

 

Do note that gmail does not allow you to inject emails without "From" header provided.

So you would need to being the DATA field and input the "From" and "To" header information as well as shown in the article earlier.

 

Regards,

Libin Varghese

 

0 Helpful

Go to solution
cammy.busto
Level 1
Level 1
In response to Libin Varghese

‎09-14-2017 08:49 AM

Hi Libin,

 

Thank you for your response. So the format I used for SMTP test going gmail is not the correct way? But is it possible to test it from ESA CLI for the outgoing email? The cisco TAC said that SMTP testing from ESA CLI is for incoming only and the recipient email will be checked in RAT. My colleague said that it should be working regardless if the rcpt is gmail, yahoo, etc...

 

So how do I test again from ESA CLI?

 

ironport.xxx.com> telnet x.x.x.x 25

Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
220 ironport.x.com ESMTP
ehlo x.x.x.x
250 ironport.x.com
mail from: test <test@x.com>
250 sender <test@x.com> ok
rcpt to:test@gmail.com  ----------- how about this?

 

Please help! Thanks

 

 

 

0 Helpful

Go to solution
dmccabej
Cisco Employee
Cisco Employee
In response to cammy.busto

‎09-14-2017 10:29 AM

Hello,

 

Testing from the CLI can be performed for incoming or outgoing behavior, it simply depends on the Listener/Sender Group/Mail Flow Policy you're hitting when the connection has been made.

 

Aside from that, you'll want to add in the friendly To: and From: information with your test, which would be under data.

 

 

telnet x.x.x.x 25
mail from: user1@example.com
rcpt to: user2@example.com
data
From: "User 1" <user1@example.com>
To: "User 2" <user2@example.com>
Subject: Here's a subject.
bleep bloop!
.

Thanks!

-Dennis M.

0 Helpful

Go to solution
cammy.busto
Level 1
Level 1
In response to dmccabej

‎09-14-2017 09:47 PM

Hi All,

 

Using "diagnostic" from ESA CLI, I can now test my outgoing email.

 

Thanks a lot from your inputs :)

0 Helpful
Customers Also Viewed These Support Documents