Hi all,
recently we deployed a DDoS cloud solution and we made the mail receiving host the ip of the cloud provider.
But no the incoming mails arrive with their IP and not the one who send the message (ex: gmail.com) and the receving Ironport ESA abort the communication.
The tracking tells the following:
Incoming connection (ICID 12387717) has sender_group: SUSPECTLIST, sender_ip: xx.xx.xx.xx and sbrs: None
07 Apr 2022 22:55:19 (GMT +02:00) Protocol SMTP interface Data 1 (IP xx.xx.xx.xx) on incoming connection (ICID 12387717) from sender IP
94.188.215.36. Reverse DNS host 215.188.94-binat-smaug.in-addr.arpa verified no.
07 Apr 2022 22:55:19 (GMT +02:00) (ICID 12387717) ACCEPT sender group SUSPECTLIST match sbrs[none] SBRS None sender IP 94.188.215.36 country XXXX
07 Apr 2022 22:55:20 (GMT +02:00) Incoming connection (ICID 12387717) successfully accepted TLS protocol TLSv1.2 cipher
ECDHE-RSA-AES128-GCM-SHA256.
07 Apr 2022 22:55:21 (GMT +02:00) Message 2219875 Sender Domain: facebookmail.com
07 Apr 2022 22:55:21 (GMT +02:00) Start message 2219875 on incoming connection (ICID 12387717).
07 Apr 2022 22:55:21 (GMT +02:00) Message 2219875 enqueued on incoming connection (ICID 12387717) from reminders@facebookmail.com.
07 Apr 2022 22:55:21 (GMT +02:00) Message 2219875 direction: incoming
07 Apr 2022 22:55:21 (GMT +02:00) Message 2219875 on incoming connection (ICID 12387717) to xxxxxx@xxxxxxxx.it was rejected by receiving control.
07 Apr 2022 22:55:21 (GMT +02:00) Message 2219875 aborted: Receiving aborted by sender
By you where is the problem? I really don't understand