05-10-2019 03:01 AM - edited 05-10-2019 08:09 AM
Hello All,
We enabled SMTP call-ahead towards O365 .
We tested SMTP call-ahead but found it not working correct
We used 27 recipients … DHAP is set to 25 ( default ) . So we got also the DHAP warning in the log. So 25 mails seemed to go through also normal……….The 26th and 27 got dropped and the graylist policy kicked in ( throttled )
But :
We then did single tests with some of the recipient addresses we used in the previous step.
All got dropped by the call-ahead mechanisme ( ESA ) which is ok..... except if we used the 26th address from the previous list !!!
SMTP call-ahead said it existed at O365 :-) Let it through and O365 did the NDR .
We also did a smtp call-ahead on the CLI which let to the same result :
Test results:
Call-Ahead server: x.x.x.x
Profile: Profile_ACC (Static Call-Ahead Servers)
Address: dfdfdfdf@domain.com
Response: 250 Recipient OK
Action: ACCEPT
So in brief :
- At 25 recipients we get the DHAP warning in the log and the sending server got categorized also in the GRAYLIST ( throttled policy we have )
- Somehow the 26th invalid email recipients gets through :-) SMTP Call-ahead says Response: 250 Recipient OK
- This is very strange since the recipients really doesn't exists in O365 , not in the RAT, not in any table.
- It's an email address which doesn't mean a thing : dfdfdfdf@domain.com
We already flushed the SMTP call-ahead cache. Did not solve the issue. Lowered he cached entries to 100 . No solution, created a new SMTP call ahead profile.. no luck.. Rebooted the appliances no luck
the address still gets through and we don't seem find why ??? Is cache flushing not working ok ? And/or is the cache retained when rebooting the system ?
Also set the DHAP to unlimited did new tests with other email addresses and that reacted fine. Just that one address keep banging my head to the wall
We also deleted the SMTP call ahead profile and switched back to LDAP Accept query.. That way the above address gets rejected right away ( since it does not exist in our ldap ) .. As soon as I create a completely new SMTP call ahead profile and sent to the above address :: recipient OK ……. and I'm certain it's nowhere listed on our esa's…. where does the call ahead feature keeps his cache ? Flushing really doesn't help
Is there some known bug with DHAP enabled and SMTP call-ahead?
Any idea ?
Solved! Go to Solution.
05-13-2019 12:47 AM
Seems the issue is O365 related !
When I do a manuel telnet session from our esa to O365 and rcpt to : -> the recipient that get's trough ……. it's accepted
So there is an issue with the directory cache in our O365 tenant
Also the DHAP issue with +25 recipients where the 26th got trough..We cannot simulate this one .
Regs
05-13-2019 12:47 AM
Seems the issue is O365 related !
When I do a manuel telnet session from our esa to O365 and rcpt to : -> the recipient that get's trough ……. it's accepted
So there is an issue with the directory cache in our O365 tenant
Also the DHAP issue with +25 recipients where the 26th got trough..We cannot simulate this one .
Regs
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: