
Requeue E-Mails that failed or send NDR to sender?

Hi,

We are currently testing Sophos Central E-Mail. I just set up a test domain on our Office 365 tenant for testing purposes and configured everything. One of my test messages has failed ("Delivery failed DSN code: 5.4.1").

The reason was a configuration error in my Office 365 Connector to enforce TLS. For testing purposes I disabled the Office 365 connector and sent a second e-mail. The mail arrived in my test mailbox within seconds. Perfect. I'll have to debug the Office 365 Connector for TLS enforcement between Sophos Central and Office 365 later.

My current question now is: Is there any option to requeue the e-mail whose delivery has failed? In the Message history in Sophos Central it is marked as "Delivery failed". AFAIK it will not be resent, because then it should be marked as "In delivery queue", which will try to resend the message within 5 days (as per description).

In this case I would expect that the sender of the message receives a Mailer Daemon. But this is not the case. So it looks like neither the sender nor the receiver of the message is notified that the sent message has not been delivered.

So: What is the best practice for the case that my organization is experiencing mail delivery problems and emails have not been delivered to the end users? Is there an option to retry delivery for all failed messages, or is it possible to inform the original sender about the failed message delivery?

Thank you for your help and best regards,

nizorod



  • Depending on the Mail flow. 

     

    Setup: MailServer/Office365 - Central Email - The World 

     

    Somebody is sending you an email from the World to Central. It is inbound and Central will likely take this email for you. This email will be sent to the mail server; if the mail server is not reachable, Central will retry this email for 14 days until it stops retrying. If the mail server replies with an error code, Central will stop retrying it. An error code is something like 5.4.1. Temporary issues start with 4, and Central will retry them later.

    If the message is stuck in this process, there is not much to do about this message, as you cannot retry it. It will be stuck there for the admin; you can visit this email as an admin and download the content from Central.

     

    Basically that is the default of SMTP: do not retry if somebody gives you a 5xx error.

    We do not produce any NDR (message delivery failure), as this is not common in SMTP for an MTA either.

     

    Most likely you should be fixing these 500 codes between Central and Office. Those 500 errors are also unlikely to appear in the wild between Central and a mail server. A false configuration will likely cause 500 errors, as most issues in the communication generate 400 errors.

    __________________________________________________________________________________________________________________
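The retry rule described in the reply above (4xx is retried, 5xx is not), as an added example that is not part of the original thread and not Sophos code: it parses SMTP replies, including multi-line ones with enhanced status codes such as 5.4.1, and lists the messages that ended in a permanent failure and therefore need manual follow-up. The message ids, reply texts and the `(id, reply)` log shape are constructed assumptions, not Sophos Central's export format.

```python
import re
from collections import namedtuple

Reply = namedtuple("Reply", "code enhanced text")

# "<code><sep>[<enhanced status>] <text>"; sep "-" means more lines follow.
_LINE = re.compile(
    r"^([245]\d\d)([ -]|$)(?:([245]\.\d{1,3}\.\d{1,3})(?:\s+|$))?(.*)$")

def parse_reply(raw):
    """Parse a (possibly multi-line) SMTP reply into code, enhanced code, text."""
    code, enhanced, texts = None, None, []
    for line in raw.splitlines():
        m = _LINE.match(line.strip())
        if not m or (code and m.group(1) != code):
            raise ValueError("malformed SMTP reply: %r" % line)
        code = m.group(1)
        enhanced = enhanced or m.group(3)
        texts.append(m.group(4))
        if m.group(2) != "-":          # last line of the reply
            break
    if code is None:
        raise ValueError("empty SMTP reply")
    return Reply(int(code), enhanced, " ".join(texts))

def action(reply):
    """2xx delivered, 4xx retry later, 5xx permanent failure (no retry)."""
    cls = reply.code // 100
    # An enhanced code whose class disagrees with the reply code is
    # inconsistent; flag it for a human instead of guessing.
    if reply.enhanced and int(reply.enhanced[0]) != cls:
        return "review"
    return {2: "delivered", 4: "retry", 5: "failed"}[cls]

def needs_followup(log):
    """Ids of messages that will not be retried and need manual handling."""
    return [mid for mid, raw in log
            if action(parse_reply(raw)) in ("failed", "review")]

# Constructed sample delivery results (not real log data).
SAMPLE = [
    ("msg-001", "250 2.0.0 OK queued"),
    ("msg-002", "451 4.4.1 Connection timed out"),
    ("msg-003", "550-5.4.1 Recipient address rejected\r\n550 5.4.1 Access denied"),
    ("msg-004", "421 4.7.0 Try again later"),
]

if __name__ == "__main__":
    print(needs_followup(SAMPLE))
```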

  • Thank you for your answer and sorry for my delayed response.

    It is true that a 500 error should not come up when everything is configured correctly. But I was wondering how we should treat failed messages, since neither the end user nor the (external) sender of the message gets any information about the stuck mail.

    Let's say we start introducing Sophos Central E-Mail to our customers. And for some reason we have a wrong configuration and e-mails fail to be delivered. Even if we fix the error within a short period of time, there is a chance that relevant (and most likely private) e-mails get stuck. If I understand you correctly, in this scenario we would not have a chance to recover those e-mails. We can only inform the internal user that there was an e-mail from abc@domain.tld that did not pass the e-mail gateway, and we can't force Central to resend it.

    So, my last chance would be to download the content, as you mentioned above. How would I do this? I searched through Central Admin, but could not find an option to download the e-mail content. I can only see the Raw Header within the Message Details, but not the content.

     

    Thank you very much!
