cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3067
Views
0
Helpful
7
Replies

ESAv sending email via command works but not from mail client

ArSh21
Level 1
Level 1

Hello,

 

I'm deploying ESAv as a demo on a local network, I've configured an Email server too and it works fine (sends email).

But the issue is that the ESA seems to not see these emails, when I use the command line (using helo and mailto commands) to send an email it works but not via a client mail or webmail.

 

Any idea what's the problem ?

1 Accepted Solution

Accepted Solutions

ArSh21
Level 1
Level 1

It works now! 

My issue was the email server didn't point to the ESA, I added it as a smarthost in the email server and it worked.

Thanks! 

View solution in original post

7 Replies 7

Robert Sherwin
Cisco Employee
Cisco Employee

You are not seeing the mail hit the ESA at all in the mail_logs?  Connection trying to be established, etc.?

 

Things that may aide you in setup:

Cisco Email Security Appliance Initial Setup

 

Also, attached - (little older, but still a wise read...) Design Guide

 

 

Yes, no mail logs in the GUI or the mail_logs or any connections , nothing.

Hello a.shambesh,

 

Can you check in the CLI tophosts command and see if there's anything at all, if not can you do the following:

On the ESA CLI, use tail mail_logs

After which, go to your mail client(s) you're using for testing and send a test email - monitor this mail log if there's any output.

If there is none - that means the connections it not reaching the ESA's IP/listener.

If there is information, please sanitize it and share it with us if possible so we can assist.

 

Thanks,

Matthew

nothing shows with the tophosts command, and the tail mail_logs shows the following :

Mon Feb 26 10:53:50 2018 Info: ISQ: on-box Destination is /tmp/euq_server.sock
Mon Feb 26 10:53:50 2018 Info: SMTP listener outmail starting
Mon Feb 26 10:53:53 2018 Info: Quarantine system ready
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner daemon state 0
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner enabled=0
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner enabled=0
Mon Feb 26 10:55:51 2018 Info: SDS_CLIENT: URL scanner enabled=0
Mon Feb 26 10:58:50 2018 Warning: Received an invalid DNS Response: rcode=Refused data="'+?\\x81\\x05\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\tphonehome\\nsenderbase\\x03org\\x00\\x00\\x01\\x00\\x01'" to IP 10.10.100.17 looking up phonehome.senderbase.org
Mon Feb 26 10:58:52 2018 Info: SenderBase upload: 0 hosts totaling 3410 bytes

 

but nothing shows during and after sending an email.

Ping, nslookup and dig all work though.

Nothing in the mail_logs suggest the connection did not reach the ESA.

 

Are you seeing any errors on the server sending emails to this ESA. If this is MS exchange there should be a send connector pointing to the listener on the ESA.

 

Are you able to telnet from the server to the ESA? If this telnet works it will log a new ICID in the mail_logs.

 

Regards 

Libin Varghese 

Telnet connection is refused, but I can use SSH from the server.
I'm using a linux-based server not MS exchange.

ArSh21
Level 1
Level 1

It works now! 

My issue was the email server didn't point to the ESA, I added it as a smarthost in the email server and it worked.

Thanks! 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: