We are a hosted Cisco Secure Email customer, and our appliances sit in front of Exchange Online for both inbound and outbound mail. (An Exchange rule + connector sends external mail to Secure Email for outbound delivery)
Today I had a complaint of a bounce when a user sent mail to an external recipient:
Reason: [{LED=550 #5.7.1 Your access to submit messages to this e-mail system has been rejected.};{MSG=};{FQDN=ob1.hc[REDACTED_ESA_CLUSTER].iphmx.com};{IP=[REDACTED_ESA_IP]};{LRT=11/3/2022 12:51:29 PM}]. OutboundProxyTargetIP: [REDACTED_ESA_IP]. OutboundProxyTargetHostName: ob1.hc[REDACTED_ESA_CLUSTER].iphmx.com
I found the corresponding rejection in our appliance:
This is the first time I've seen a log like this where it's littered with (Unknown) on both the sender and recipient, SBRS "not enabled", etc. The recipient domain has a good reputation, as does our domain for the sender. Neither domain is on a blacklist. The Exchange Online IP it came from also has a good reputation with Cisco and isn't on any blacklist.
Any advice on what criteria/reason this was rejected?