Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3022
Views
5
Helpful
13
Replies

ESA not updating to senderbase

Go to solution
slicciardola
Level 1
Level 1

‎06-05-2017 03:10 AM

Hi all,

i've updated my appliances to the latest asyncos versions.

next i reconnected the cluster but i cannot connect anymore to senderbase.

this is the situation from CLI:

SenderBase Host Status
Host success/fail: Unknown (never contacted)

SBRS Status
Host success/fail: Unknown (never contacted)

repengstatus

Component Last Update Version
Reputation Engine 05 Jun 2017 09:44 (GMT +00:00) 1.2.0-079
Reputation Engine Tools 05 Jun 2017 09:44 (GMT +00:00) 1.2.0-079

i've already tried a manual repengupdate force, but with no success.

Any help would really be appreciated.

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to slicciardola

‎06-05-2017 07:38 AM

Trace emulates a message as being accepted by a listener and prints a summary of features that would have been “triggered” or affected by the current configuration of the system (including uncommitted changes).

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118102-troubleshoot-esa-00.html

- Libin V

View solution in original post

13 Replies 13

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎06-05-2017 04:59 AM

Hi,

I've normally seen this when there is no active mail flow on the appliance from public IP addresses.

The sbstatus shows never contacted till it gets a connection from a public IP address it can lookup on senderbase.

Thank You!

Libin Varghese

0 Helpful

Go to solution
slicciardola
Level 1
Level 1
In response to Libin Varghese

‎06-05-2017 05:05 AM

Hi Libin,

thanks for the answer, this is the nslookup command result from the CLI

(Machine xxxxxxxxxxx)> nslookup

Please enter the host or IP address to resolve.
[]> senderbase.org

Choose the query type:
1. A the host's IP address
2. AAAA the host's IPv6 address
3. CNAME the canonical name for an alias
4. MX the mail exchanger
5. NS the name server for the named zone
6. PTR the hostname if the query is an Internet address,

otherwise the pointer to other information
7. SOA the domain's "start-of-authority" information
8. TXT the text information
[1]> 1

A=23.0.174.27 TTL=30m
A=23.0.174.19 TTL=30m

thanks

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to slicciardola

‎06-05-2017 05:17 AM

Apologies. I wasn't referring to looking up DNS records for senderbase.org.

When there is active mail flow on the appliance, the ICID from a public IP address would be looked up on senderbase automatically.

Is this device currently handling email flow from the internet.

- Libin V

0 Helpful

Go to solution
slicciardola
Level 1
Level 1
In response to Libin Varghese

‎06-05-2017 05:39 AM

oh ok, no, this is still a "test" cluster even if configured with up to 2020 licensing.

i've to switch and old infrastructure to this one.

So until i will put it in production i will not be able to connect to senderbase?

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to slicciardola

‎06-05-2017 05:49 AM

That would be accurate.

Senderbase success would mean able to connect to senderbase, failure would mean unable to connect and unknown just signifies it hasn't had the opportunity to connect to senderbase yet.

The device would connect to the senderbase only when required, hence the output.

You could telnet to the lab device from somewhere within your network which has a public IP address over port 25 to perform the lookup. Private IP addresses would not work.

- Libin V

0 Helpful

Go to solution
slicciardola
Level 1
Level 1
In response to Libin Varghese

‎06-05-2017 05:53 AM

so you mean?

make a telnet from the esa to?

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to slicciardola

‎06-05-2017 05:55 AM

No. Telnet to the ESA over port 25 from any system with a public IP address.

If the connection reaches the ESA it would lookup the reputation for that IP address.

- Libin V

0 Helpful

Go to solution
slicciardola
Level 1
Level 1
In response to Libin Varghese

‎06-05-2017 05:56 AM

ESA is not yet natted to the external world, but only visible in our network.

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to slicciardola

‎06-05-2017 06:06 AM

Would need to wait for active mail flow, then.

You could try using System Administration -> Trace feature on that device, however there are a few defects that suggest it does not fetch the SBRS score and just displays N/A on trace.

- Libin V

0 Helpful

Go to solution
slicciardola
Level 1
Level 1
In response to Libin Varghese

‎06-05-2017 06:46 AM

hi, the trace option for? what?

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to slicciardola

‎06-05-2017 07:38 AM

Trace emulates a message as being accepted by a listener and prints a summary of features that would have been “triggered” or affected by the current configuration of the system (including uncommitted changes).

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118102-troubleshoot-esa-00.html

- Libin V

Go to solution
slicciardola
Level 1
Level 1
In response to Libin Varghese

‎06-06-2017 01:16 AM

done.

simulating a trace woke up senderbase contact!

thanks

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to slicciardola

‎06-06-2017 02:38 AM

Glad to hear it worked.

- Libin V

0 Helpful
Customers Also Viewed These Support Documents