Having routing issues with mail routing through firewall
I have an ASA 5506 and am trying to troubleshoot an issue with mail since moving to Office 365 Exchange Online. I still have an on-premise server which sends mail from our application. Since migrating to O365, mail from this server either gets rejected by or dumped to spam on the target server. I have created the proper DNS records based on the O365 documentation and all appear to be correct. While evaluating the Internet header of email from a target server which deposits into spam, I see the IP address in the sender appears to be my firewall IP, which I don't have an MX or SPF record for. I have the following configuration in place. The public IP is 22.214.171.124. I'm not well versed in CLI capture but I believe I have the correct parts of the configuration. Any suggestions on how to resolve this issue?
Received: from CY4PR11MB1415.namprd11.prod.outlook.com (10.173.17.17) by DM5PR11MB1418.namprd11.prod.outlook.com (10.168.104.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1101.14 via Mailbox Transport; Tue, 23 May 2017 15:13:55 +0000
Received: from CY4PR1101CA0006.namprd11.prod.outlook.com (10.172.74.144) by CY4PR11MB1415.namprd11.prod.outlook.com (10.173.17.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1101.14; Tue, 23 May 2017 15:13:49 +0000
Received: from BY2NAM03FT035.eop-NAM03.prod.protection.outlook.com (2a01:111:f400:7e4a::207) by CY4PR1101CA0006.outlook.office365.com (2603:10b6:910:15::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1124.9 via Frontend Transport; Tue, 23 May 2017 15:13:49 +0000
Authentication-Results: spf=fail (sender IP is 126.96.36.199) smtp.mailfrom=CDE.COM; cde.com; dkim=none (message not signed) header.d=none;cde.com; dmarc=none action=none header.from=CDE.COM;
Received-SPF: Fail (protection.outlook.com: domain of CDE.COM does not designate 188.8.131.52 as permitted sender) receiver=protection.outlook.com; client-ip=184.108.40.206; helo=MAR.CDE.COM;
Received: from MAR.CDE.COM (220.127.116.11) by BY2NAM03FT035.mail.protection.outlook.com (10.152.84.223) with Microsoft SMTP
Cisco ASA config
object network 18.104.22.168
 host 22.214.171.124
 description SMTP
object network SMTPServer
 host 172.16.1.32
 description SMTP Server for A+
object service SMTP
 service tcp source eq smtp
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object Private_MailServer
access-list outside_access_in extended permit tcp any object Midsrvr02_Private object-group DM_INLINE_TCP_1
access-list users standard permit 172.16.1.0 255.255.255.0
access-list OUTSIDE-IN extended permit object-group DM_INLINE_SERVICE_2 any object Private_MailServer inactive
access-list OUTSIDE-IN extended permit tcp any host 172.16.1.42 eq 3389
access-list OUTSIDE-IN extended permit object SMTP any host 172.16.1.32
access-list inside_access_in extended permit tcp host 172.16.1.32 any eq smtp
access-list inside_access_in extended deny tcp any any eq smtp
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list ICMP extended permit icmp any any
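
Added example, not part of the original post: a short Python check that pulls the SPF verdict and client IP out of headers like the ones quoted above and tests whether that address is listed in an SPF record's ip4/ip6 terms. The header text, SPF record and addresses are constructed samples (documentation ranges), and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed samples: documentation addresses, not values from the post.
SAMPLE_HEADERS = (
    "Authentication-Results: spf=fail (sender IP is 203.0.113.10)\n"
    " smtp.mailfrom=example.com; dkim=none (message not signed)\n"
    "Received-SPF: Fail (protection.outlook.com: domain of example.com does not\n"
    " designate 203.0.113.10 as permitted sender) receiver=protection.outlook.com;\n"
    " client-ip=203.0.113.10; helo=mail.example.com;\n"
)
SAMPLE_SPF = "v=spf1 include:spf.protection.outlook.com ip4:198.51.100.0/28 -all"


def unfold(raw):
    """Join RFC 5322 folded continuation lines into single header lines."""
    return re.sub(r"\r?\n[ \t]+", " ", raw)


def spf_verdict(raw):
    """Return (result, client_ip) from the Received-SPF header, or None."""
    for line in unfold(raw).splitlines():
        if line.lower().startswith("received-spf:"):
            result = line.split(":", 1)[1].split()[0].lower()
            m = re.search(r"client-ip=([0-9A-Fa-f.:]+)", line)
            return result, (m.group(1) if m else None)
    return None


def ip_mechanisms(record):
    """Split an SPF record into ip4/ip6 networks and include: targets."""
    nets, includes = [], []
    for term in record.split()[1:]:
        name, _, value = term.lstrip("+").partition(":")
        if name.lower() in ("ip4", "ip6"):
            nets.append(ipaddress.ip_network(value, strict=False))
        elif name.lower() == "include":
            includes.append(value)
    return nets, includes


def covered_by_ip_terms(ip, record):
    """True if ip matches an ip4/ip6 term. include: targets are not followed
    (that needs DNS), so False means 'not listed directly'."""
    nets, _ = ip_mechanisms(record)
    addr = ipaddress.ip_address(ip)
    return any(addr.version == n.version and addr in n for n in nets)
```

The client IP returned by `spf_verdict` is the address the receiving server saw after NAT, so that is the value to compare against the domain's published SPF record.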