I am using Ironport strictly as an outgoing e-mail encryption engine. We use a different incoming spam filter (Barracuda). I would like to be able to go to the CRES site and send an encrypted message to our internal domain so users can establish their CRES credentials. However, the anti-spoofing rules on the Barracuda block the incoming mail because the domain it was from is our internal domain. I have whitelisted the mx-res.cisco.com address, 188.8.131.52, but I am still receiving block messages like below (I removed the actual e-mail address):
Your message did not reach some or all of the intended recipients.
Subject: Test 1 Sent: 10/15/2009 7:36 AM
The following recipient(s) cannot be reached:
(removed) on 10/15/2009 7:36 AM The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator. mx1.res.cisco.com #5.0.0 smtp; 5.1.0 - Unknown address error 550-'Blocked\x00\x006' (delivery attempts: 0)
First of all, are there other IP addresses I should be whitelisting for Cisco RES outbound e-mail mail servers? What else do I need to do? I don't want to turn of the anti-spoofing, due to the spam we would receive.