Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2083
Views
0
Helpful
8
Replies

Problem in SMTP protocol through cisco ASA

imranbhatti151
Level 1
Level 1

‎03-04-2011 11:34 PM - edited ‎03-11-2019 01:01 PM

Hi all,

I am having issue while sending mails( with attachments only) to yahoo.com through Domino smtp server and i am getting below error messages

Connection broken after an error sending DATA command
Attempting to Disconnect:
Connection already disconnected

And one strange things is that normal text messages and messages with attachements less than 1 Mb is transfered normally.

We do not have any issue in sending mails to all other internet domains.

On searching IBM technote  i found that this may be caused by the Firewall  as cleared from below links

http://www-01.ibm.com/support/docview.wss?uid=swg21288905


http://www-01.ibm.com/support/docview.wss?uid=swg21431354

We are using the CISCO ASA  Version 7.0(7) and mail server is behind this firewall.

It is clear that this is not aan application issue and definitely deals with the firewall.

can any body help me to troubleshoot and resolve  this issue.

Regards

Labels:
0 Helpful
8 Replies 8

Maykol Rojas
Cisco Employee
Cisco Employee

‎03-04-2011 11:45 PM

Hello

Would you please disable your ESMTP inspection?

policy-map global_policy
class inspection_default

   no inspect ESMTP

The problem is that the version you are running is very old, so all the new options on the SMTP messages are not known by your inspection engine and it may be dropping it.

Try it out and let me know.

Mike Rojas

Mike
0 Helpful

imranbhatti151
Level 1
Level 1
In response to Maykol Rojas

‎03-05-2011 12:04 AM

Dear Rojas ,

Thank you very much for reply ,

i tried to add the command and get below error

policy-map global_policy
class inspection_default

   no inspect ESMTP

ERROR: inspection not installed or parameters do not match

Please advise

Regards

0 Helpful

imranbhatti151
Level 1
Level 1
In response to imranbhatti151

‎03-05-2011 12:37 AM

I think above error is due to that , no inspect esmtp has been enabled on firewall.

currently below are the configuration

class-map inpection_default
class-map inspection_default
match default-inspection-traffic
!
!
policy-map global_policy
class inspection_default
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect dns maximum-length 1024

Please advise

Regards

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to imranbhatti151

‎03-05-2011 09:39 AM

Hi,

It may be due to MSS size exceed, would you please try to send an email and post the syslogs for that connection.

Mike Rojas

Mike
0 Helpful

imranbhatti151
Level 1
Level 1
In response to Maykol Rojas

‎03-06-2011 11:07 PM

Dear Rojas,

It is very difficult to get exact connections details as there are many e-mails in queue from server and lot of connections from server passing through Firewall

Any way i extracted some of information and is below

srvmta003 is our mta server

%ASA-session-6-302013: Built outbound TCP connection 1106600 for   Outside:mta-v3.mail.vip.ac4.yahoo.com/25 (mta-v3.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2743 (srvmta003/2743)
%ASA-session-6-302014:   Teardown TCP connection 1095296 for Outside:mta-v3.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2494 duration 0:12:45 bytes 12007290 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1095830 for Outside:mta-v2.mail.vip.sk1.yahoo.com/25   to Inside:srvmta003/2508 duration 0:11:43 bytes 9121825 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1105824 for   Outside:mta-v1.mail.vip.sp2.yahoo.com/25 (mta-v1.mail.vip.sp2.yahoo.com/25)   to Inside:srvmta003/2727 (srvmta003/2727)
%ASA-session-6-302014:   Teardown TCP connection 1105129 for Outside:mta-v3.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2717 duration 0:00:03 bytes 7741 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1105129 for   Outside:mta-v3.mail.vip.ac4.yahoo.com/25 (mta-v3.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2717 (srvmta003/2717)
%ASA-session-6-302014:   Teardown TCP connection 1100185 for Outside:mta-v1.mail.vip.re4.yahoo.com/25   to Inside:srvmta003/2630 duration 0:04:55 bytes 4914388 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1095622 for Outside:mta-v2.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2503 duration 0:10:10 bytes 114273 FIN Timeout
%ASA-session-6-302014:   Teardown TCP connection 1103962 for Outside:mta-v2.mail.vip.sk1.yahoo.com/25   to Inside:srvmta003/2700 duration 0:00:11 bytes 97862 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1103962 for   Outside:mta-v2.mail.vip.sk1.yahoo.com/25 (mta-v2.mail.vip.sk1.yahoo.com/25)   to Inside:srvmta003/2700 (srvmta003/2700)
%ASA-session-6-302014:   Teardown TCP connection 1095750 for Outside:mta-v1.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2505 duration 0:09:22 bytes 9119662 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1095932 for Outside:mta-v2.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2511 duration 0:06:39 bytes 5877103 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1100185 for   Outside:mta-v1.mail.vip.re4.yahoo.com/25 (mta-v1.mail.vip.re4.yahoo.com/25)   to Inside:srvmta003/2630 (srvmta003/2630)
%ASA-session-6-302014:   Teardown TCP connection 1090649 for Outside:mta-v2.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2398 duration 0:07:05 bytes 6762386 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1096340 for Outside:mta-v1.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2515 duration 0:00:13 bytes 119149 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1096340 for   Outside:mta-v1.mail.vip.mud.yahoo.com/25 (mta-v1.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2515 (srvmta003/2515)
%ASA-session-6-302014:   Teardown TCP connection 1085847 for Outside:mta-v1.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2322 duration 0:11:17 bytes 10816153 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1095932 for   Outside:mta-v2.mail.vip.mud.yahoo.com/25 (mta-v2.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2511 (srvmta003/2511)
%ASA-session-6-302013:   Built outbound TCP connection 1095830 for   Outside:mta-v2.mail.vip.sk1.yahoo.com/25 (mta-v2.mail.vip.sk1.yahoo.com/25)   to Inside:srvmta003/2508 (srvmta003/2508)
%ASA-session-6-302013:   Built outbound TCP connection 1095750 for   Outside:mta-v1.mail.vip.mud.yahoo.com/25 (mta-v1.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2505 (srvmta003/2505)
%ASA-session-6-302013:   Built outbound TCP connection 1095622 for   Outside:mta-v2.mail.vip.ac4.yahoo.com/25 (mta-v2.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2503 (srvmta003/2503)
%ASA-session-6-302014:   Teardown TCP connection 1094560 for Outside:mta-v1.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2486 duration 0:00:54 bytes 722902 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1095296 for   Outside:mta-v3.mail.vip.mud.yahoo.com/25 (mta-v3.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2494 (srvmta003/2494)
%ASA-session-6-302013:   Built outbound TCP connection 1094560 for   Outside:mta-v1.mail.vip.ac4.yahoo.com/25 (mta-v1.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2486 (srvmta003/2486)
%ASA-session-6-302014:   Teardown TCP connection 1086171 for Outside:mta-v3.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2328 duration 0:07:26 bytes 7098173 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1086170 for Outside:mta-v1.mail.vip.sk1.yahoo.com/25   to Inside:srvmta003/2327 duration 0:07:22 bytes 5977636 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1092262 for Outside:mta-v3.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2447 duration 0:00:04 bytes 6081 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1092262 for   Outside:mta-v3.mail.vip.ac4.yahoo.com/25 (mta-v3.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2447 (srvmta003/2447)
%ASA-session-6-302013:   Built outbound TCP connection 1090649 for   Outside:mta-v2.mail.vip.ac4.yahoo.com/25 (mta-v2.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2398 (srvmta003/2398)
%ASA-session-6-302014:   Teardown TCP connection 1082188 for Outside:mta-v2.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2275 duration 0:07:13 bytes 5695201 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1079040 for Outside:mta-v2.mail.vip.sp2.yahoo.com/25   to Inside:srvmta003/2225 duration 0:08:27 bytes 5777528 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1079145 for Outside:mta-v1.mail.vip.sp2.yahoo.com/25   to Inside:srvmta003/2229 duration 0:07:46 bytes 5658230 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1086171 for   Outside:mta-v3.mail.vip.mud.yahoo.com/25 (mta-v3.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2328 (srvmta003/2328)
%ASA-session-6-302013:   Built outbound TCP connection 1086170 for   Outside:mta-v1.mail.vip.sk1.yahoo.com/25 (mta-v1.mail.vip.sk1.yahoo.com/25)   to Inside:srvmta003/2327 (srvmta003/2327)
%ASA-session-6-302013:   Built outbound TCP connection 1085847 for   Outside:mta-v1.mail.vip.ac4.yahoo.com/25 (mta-v1.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2322 (srvmta003/2322)
%ASA-session-6-302014:   Teardown TCP connection 1079103 for Outside:mta-v1.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2227 duration 0:03:33 bytes 2804024 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1082188 for   Outside:mta-v2.mail.vip.mud.yahoo.com/25 (mta-v2.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2275 (srvmta003/2275)
%ASA-session-6-302014:   Teardown TCP connection 1075860 for Outside:mta-v2.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2166 duration 0:06:40 bytes 5677951 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1081966 for Outside:mta-v1.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/2271 duration 0:00:03 bytes 2973 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1081966 for   Outside:mta-v1.mail.vip.mud.yahoo.com/25 (mta-v1.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2271 (srvmta003/2271)
%ASA-session-6-302013:   Built outbound TCP connection 1079145 for   Outside:mta-v1.mail.vip.sp2.yahoo.com/25 (mta-v1.mail.vip.sp2.yahoo.com/25)   to Inside:srvmta003/2229 (srvmta003/2229)
%ASA-session-6-302013:   Built outbound TCP connection 1079103 for   Outside:mta-v1.mail.vip.mud.yahoo.com/25 (mta-v1.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/2227 (srvmta003/2227)
%ASA-session-6-302013:   Built outbound TCP connection 1079040 for   Outside:mta-v2.mail.vip.sp2.yahoo.com/25 (mta-v2.mail.vip.sp2.yahoo.com/25)   to Inside:srvmta003/2225 (srvmta003/2225)
%ASA-session-6-302014:   Teardown TCP connection 1072297 for Outside:mta-v3.mail.vip.ac4.yahoo.com/25   to Inside:srvmta003/2104 duration 0:05:59 bytes 5220810 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1075860 for   Outside:mta-v2.mail.vip.ac4.yahoo.com/25 (mta-v2.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2166 (srvmta003/2166)
%ASA-session-6-302013:   Built outbound TCP connection 1072297 for   Outside:mta-v3.mail.vip.ac4.yahoo.com/25 (mta-v3.mail.vip.ac4.yahoo.com/25)   to Inside:srvmta003/2104 (srvmta003/2104)
%ASA-session-6-302014:   Teardown TCP connection 1070456 for Outside:w2.rc.vip.sp1.yahoo.com/25 to   Inside:srvmta003/2083 duration 0:00:30 bytes 0 SYN Timeout
%ASA-session-6-302013:   Built outbound TCP connection 1070456 for Outside:w2.rc.vip.sp1.yahoo.com/25   (w2.rc.vip.sp1.yahoo.com/25) to Inside:srvmta003/2083 (srvmta003/2083)
%ASA-session-6-302014:   Teardown TCP connection 1062777 for Outside:mta-v1.mail.vip.re4.yahoo.com/25   to Inside:srvmta003/1974 duration 0:08:22 bytes 6915292 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1058174 for Outside:mta-v3.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/1928 duration 0:07:10 bytes 6213924 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1062777 for   Outside:mta-v1.mail.vip.re4.yahoo.com/25 (mta-v1.mail.vip.re4.yahoo.com/25)   to Inside:srvmta003/1974 (srvmta003/1974)
%ASA-session-6-302014:   Teardown TCP connection 1053571 for Outside:mta-v1.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/1853 duration 0:05:54 bytes 4993094 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1058174 for   Outside:mta-v3.mail.vip.mud.yahoo.com/25 (mta-v3.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/1928 (srvmta003/1928)
%ASA-session-6-302014:   Teardown TCP connection 1043383 for Outside:mta-v1.mail.vip.sk1.yahoo.com/25   to Inside:srvmta003/1645 duration 0:12:28 bytes 9244736 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1053571 for   Outside:mta-v1.mail.vip.mud.yahoo.com/25 (mta-v1.mail.vip.mud.yahoo.com/25)   to Inside:srvmta003/1853 (srvmta003/1853)
%ASA-session-6-302014:   Teardown TCP connection 1040824 for Outside:mta-v3.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/1598 duration 0:14:53 bytes 12145497 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1049343 for Outside:mta-v3.mail.vip.mud.yahoo.com/25   to Inside:srvmta003/1772 duration 0:03:18 bytes 2792432 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1049515 for Outside:mta-v1.mail.vip.re4.yahoo.com/25   to Inside:srvmta003/1775 duration 0:00:34 bytes 421106 TCP FINs
%ASA-session-6-302014:   Teardown TCP connection 1049516 for Outside:mta-v3.mail.vip.sk1.yahoo.com/25   to Inside:srvmta003/1776 duration 0:00:07 bytes 48197 TCP FINs
%ASA-session-6-302013:   Built outbound TCP connection 1049516 for   Outside:mta-v3.mail.vip.sk1.yahoo.com/25 (mta-v3.mail.vip.sk1.yahoo.com/25)   to Inside:srvmta003/1776 (srvmta003/1776)

Please advise

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to imranbhatti151

‎03-06-2011 11:22 PM

Hi,

Did you at any point had the ESMTP inspection turned on? You can try to do clear local-host srvmta003 all in order to make sure that the inspection engine for ESMTP is not stuck. Another thing that you can do is to upgrade to a GD version that is newer such as 7.2.5. There we will have more troubleshooting tools to investigate this problem.

Hope it helps.

Mike

Mike
0 Helpful

imranbhatti151
Level 1
Level 1
In response to Maykol Rojas

‎03-06-2011 11:45 PM

Dear Rojas

Thanks for your reply.

I do not think that we had enabble ESMTP enabled at any time .

Upgrade to GD version 7.2.5 : does it helps.

and why not i upgrade to 8.x ?

Please advise

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to imranbhatti151

‎03-06-2011 11:49 PM

Hello,

I always recommend to the customers to maintain the trend where they are unless you need some new features that are available only on higher versions. I just want you to have the minimum impact on the network while doing this update to the firmware and a version that is a GD.

Hope it helps.

Mike

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card