We are a hosted Cisco Secure Email customer, and our appliances sit in front of Exchange Online for both inbound and outbound mail. (An Exchange rule + connector sends external mail to Secure Email for outbound delivery)
Today I had a complaint of a bounce when a user sent mail to an external recipient:
Reason: [{LED=550 #5.7.1 Your access to submit messages to this e-mail system has been rejected.};{MSG=};{FQDN=ob1.hc[REDACTED_ESA_CLUSTER].iphmx.com};{IP=[REDACTED_ESA_IP]};{LRT=11/3/2022 12:51:29 PM}]. OutboundProxyTargetIP: [REDACTED_ESA_IP]. OutboundProxyTargetHostName: ob1.hc[REDACTED_ESA_CLUSTER].iphmx.com
I found the corresponding rejection in our appliance:
![Screenshot 2022-11-03 143433.png Screenshot 2022-11-03 143433.png](https://community.cisco.com/t5/image/serverpage/image-id/167079i0577957B2895DC00/image-dimensions/893x193?v=v2)
This is the first time I've seen a log like this where it's littered with (Unknown) on both the sender and recipient, SBRS "not enabled", etc. The recipient domain has a good reputation, as does our domain for the sender. Neither domain is on a blacklist. The Exchange Online IP it came from also has a good reputation with Cisco and isn't on any blacklist.
Any advice on what criteria/reason this was rejected?