cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6721
Views
0
Helpful
9
Replies

Soft Bounce with Error

rockbd
Level 1
Level 1

Did anyone face a soft bounce problem with following error

"amitabh.chak@xyz.com delayed. Reason: 4.3.0 - Other mail system problem ('451', ['4.7.0 Temporary server error. Please try again later. PRX2 ']) []
23 Apr 2017 17:19:50 (GMT +06:00)  

Message 2993017 to amitabh.chak@xyz.com pending until Sun Apr 23 19:19:49 2017 as per bounce profile Default.

How to mitigate this error.

1 Accepted Solution

Accepted Solutions

Libin Varghese
Cisco Employee
Cisco Employee

Hi,

This error is usually due to an issue on the exchange server side as described in the below articles.

http://stackoverflow.com/questions/20171135/exchange-2013-the-server-response-was-4-7-0-temporary-server-error-please-try

http://social.technet.microsoft.com/Forums/exchange/en-US/fc26dac5-d4e2-49da-903d-361ea8b85388/451-470-temporary-server-error-please-try-again-later-prx5?forum=exchangesvrgeneral

Most articles available point to a DNS issue on the exchange side.

Thank You!
Libin Varghese

View solution in original post

9 Replies 9

Libin Varghese
Cisco Employee
Cisco Employee

Hi,

This error is usually due to an issue on the exchange server side as described in the below articles.

http://stackoverflow.com/questions/20171135/exchange-2013-the-server-response-was-4-7-0-temporary-server-error-please-try

http://social.technet.microsoft.com/Forums/exchange/en-US/fc26dac5-d4e2-49da-903d-361ea8b85388/451-470-temporary-server-error-please-try-again-later-prx5?forum=exchangesvrgeneral

Most articles available point to a DNS issue on the exchange side.

Thank You!
Libin Varghese

Thanks.

I go through those article and make changes in my xchage and i think till now no soft bounce with that error. :)

But with a new error a few mail getting soft bounce the error is as follows:

(DCID 6013) Message 2332 to smoqwed@yahoo.com delayed. Reason: 4.4.2 - Bad connection ('000', ['Connection Lost']) []

and

Message 3002332 to smoqwed@yahoo.com received remote SMTP response 'ok dirdel'.


Is this due do some misconfig or changes of exchange?

Hi,

SMTP response 'ok dirdel' would indicate the email was delivered and this would not be a bounce.

Reason: 4.4.2 - Bad connection ('000', ['Connection Lost']) [] would normally indicate a connectivity or network issue establishing a TCP connection with the destination host.

You could try and set up a packet capture for the destination IP in question or attempt to telnet to that destination server from the device command line over port 25.

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118467-technote-esa-00.html

- Libin V

Yes you are right that the Reason:4.4.2 Bad connection is not related to soft bounce. But it occur once or twice for a one domain (reported) in a day.

How can i do packet capture in ESA? i think i have to do the packet capture in swtich or router isn't it? So there is nothing to do in ESA part. 

Waiting for your respond.

You can set up packet capture on the ESA from the GUI under Help and Support -> Packet Capture or using command "packetcapture host <IP>" from the command line.

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117797-technote-esa-00.html

The IP to use in the capture would be the IP for the destination server seen in the delivery connections (DCID).

Setting a packet capture on other network equipment in the mail flow path could also help.

- Libin V 

Thanks again for the reply.

The problem is once or twice for 1 user complain with one domain. Next time i will try to do the packet capture if problem occur again.

Another problem don't know it is ironport related or not. The problem is when i try to send mail my domain from gmail is show TLS is not enable but i enable the TLS in the iron port? As ironport is my gateway isn't gmail checking only my ironport TLS? Or other things need to be done.

Please review the message tracking details for the email in question and confirm which sendergroup is matched.

You would need to confirm TLS is enabled on that specific sendergroup mail flow policy to ensure connections are secure.

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118844-technote-esa-00.html

- Libin V

Done it but still showing same error on gmail.. what else goes wrong in this case.

You could set up a packet capture or injection debug logs for the sending IP to confirm why the connection is failing.

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117797-technote-esa-00.html

- Libin V