Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
465
Views
0
Helpful
3
Replies

Error 500

junsheng
Level 1
Level 1

‎12-12-2016 07:16 PM

At "Choose Authorization Method" choose Email and "Email Administrators"

Select "Authorizer" and "Send Email".

I got the error message. What's wrong.

Labels:
Preview file
191 KB
0 Helpful
3 Replies 3

David Stought
Cisco Employee
Cisco Employee

‎12-14-2016 10:07 AM

Hello junsheng,

We looked into this error and there are a couple of issues.  The service gets the list of authorized email administrators from WhoIs and SOA records. 

In the SOA record the "responsible mail addr" is set to hostmaster when it should be something like hostmaster.yourdomain.com such that a valid email address can be translated from the record (i.e. hostmaster@yourdomain.com.

Secondly, in the WhoIs record, the server is returning the contact information in an unexpected format and our system is not able to process it correctly to extract the email address.  The error is a result of attempting to send an email to an invalid email address. We will work to account for this format when processing WhoIs records.

In the meantime, the SOA record can be corrected to include the domain information.  This will allow the system to progress with validating the network resource you are attempting to register with the Cisco Threat Awareness Service.

Thanks,

David

Cisco Threat Awareness Service Team

0 Helpful

junsheng
Level 1
Level 1
In response to David Stought

‎12-14-2016 06:23 PM

Dear sir,

I don't understand what's you mean.

The system need to check DNS SOA?

But now, I can send and receive mail correctly using currently DNS setting.

And I'm not choose hostmaster as receiver.

Preview file
197 KB
0 Helpful

David Stought
Cisco Employee
Cisco Employee
In response to junsheng

‎12-15-2016 07:36 AM

Hello junsheng,

The system gets the owner of the domain for email authorization using both the WhoIs record and the SOA record.  The WhoIs server is in an unexpected format so the system is not able to properly extract the email address from the record.  We are working to be able to process this format and correctly get the owner's email address.

Alternatively, you would have been able to choose the other email address the system found from the SOA record in order to proceed further.  However, this will not work because the SOA record is incorrect.  According to [RFC1912 2.2] it is recommended to format the entry as "hostmaster.domain.com", making sure "hostmaster@domain.com" is a valid email address.  This entry only has "hostmaster", which is incorrect.

If you can fix the SOA record and hostmaster@domain.com is a valid email address then this can be used to progress further and have your network resource validated.  Otherwise, in order to validate the domain using the WhoIs record our system will need to be updated to properly extract the email address. 

Thanks,
David

Cisco Threat Awareness Service Team

0 Helpful
Customers Also Viewed These Support Documents