Hello a.shambesh,

Can you check in the CLI tophosts command and see if there's anything at all, if not can you do the following:

On the ESA CLI, use tail mail_logs

After which, go to your mail client(s) you're using for testing and send a test email - monitor this mail log if there's any output.

If there is none - that means the connections it not reaching the ESA's IP/listener.

If there is information, please sanitize it and share it with us if possible so we can assist.

Thanks,

Matthew

nothing shows with the tophosts command, and the tail mail_logs shows the following :

Mon Feb 26 10:53:50 2018 Info: ISQ: on-box Destination is /tmp/euq_server.sock
Mon Feb 26 10:53:50 2018 Info: SMTP listener outmail starting
Mon Feb 26 10:53:53 2018 Info: Quarantine system ready
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner daemon state 0
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner enabled=0
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner enabled=0
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner enabled=0
Mon Feb 26 10:58:50 2018 Warning: Received an invalid DNS Response: rcode=Refused data="'+?\\x81\\x05\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\tphonehome\\nsenderbase\\x03org\\x00\\x00\\x01\\x00\\x01'" to IP 10.10.100.17 looking up phonehome.senderbase.org
Mon Feb 26 10:58:52 2018 Info: SenderBase upload: 0 hosts totaling 3410 bytes

but nothing shows during and after sending an email.

Ping, nslookup and dig all work though.

Nothing in the mail_logs suggest the connection did not reach the ESA.

Are you seeing any errors on the server sending emails to this ESA. If this is MS exchange there should be a send connector pointing to the listener on the ESA.

Are you able to telnet from the server to the ESA? If this telnet works it will log a new ICID in the mail_logs.

Regards 

Libin Varghese