Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
6023
Views
0
Helpful
5
Replies

Ironport delivery expired issue

m.abdelaty87
Level 1
Level 1

‎02-12-2017 10:20 PM

We are running Cisco IronPort AsyncOS 9.7.0 .

When trying to send to some domains bounced with Delivery has failed to these recipients or groups.

in the Diagnostic information for administrators part I see that this message is generated from the Ironport and also see #< #5.0.0 smtp; 5.4.7 - Delivery expired (message too old) '250A' (delivery attempts: 0)> #SMTP#

3 people had this problem
Labels:
0 Helpful
5 Replies 5

Libin Varghese
Cisco Employee
Cisco Employee

‎02-12-2017 11:37 PM

Hi,

The error would suggest the ESA was unable to connect to the destination server and hence the email was hard bounced after retry attempts configured on the bounce profile.

You can confirm this by using "hoststatus" command for the affected domain and attempting to telnet the IP address of the destination server over port 25.

Thanks!

Libin Varghese

0 Helpful

m.abdelaty87
Level 1
Level 1
In response to Libin Varghese

‎02-14-2017 03:51 AM

Hi,

I did the “hoststutus” command for the affected domains and the output was down but when I did telnet on port 25 it connected successfully

Also be informed that when I send to the affected domains from my Gmail account it successfully send.

Thanks

Mohamed Abdelaty

0 Helpful

Libin Varghese
Cisco Employee
Cisco Employee
In response to m.abdelaty87

‎02-14-2017 04:50 AM

Hi Mohamed,

The hoststatus can be down if there are TLS negotiation errors, DNS lookup errors as well.

You can set up a packet capture for the destination server IP from GUI Help and Support -> Packet Capture to determine what the reason for the error is.

Thanks!

Libin V

0 Helpful

m.abdelaty87
Level 1
Level 1
In response to Libin Varghese

‎02-15-2017 10:00 AM

Hi Libin 

I took a packet capture for sending mail to affected domain.

Can you tell me ,which packets I need to focus on them  to extract the reason for that issue?

Thanks

Mohamed Abdelaty

0 Helpful

Libin Varghese
Cisco Employee
Cisco Employee
In response to m.abdelaty87

‎02-15-2017 10:34 AM

Hi,

If the packet capture was set for the destination IP of the affected domain you would see traffic between the ESA IP and that destination IP.

Right clicking on any one such packet -> Right click -> Follow TCP stream will help filter out details for a single connection.

If you require troubleshooting assistance I would recommend opening a TAC case to get that capture reviewed.

Thanks!

Libin Varghese

0 Helpful
Customers Also Viewed These Support Documents
Top