Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Replies 2 replies
  • Subscribers 39 subscribers
  • Views 377 views
  • Users 0 members are here
Options
Suggested

Email Rejected, using Protect - Email in XGS

Stojan Cergol

Hello,

in the last few days I have noticed that certain emails are not being delivered, and I observed in the Sophos XGS 126 smtp_mail.log that the emails are being rejected. The senders and recipients exist and are known.

This issue started occurring, at least as I have been informed, after the latest firewall update XGS126 (SFOS 20.0.1 MR-1-Build342) 

Mail Logs in GUI I get Status

2024-06-26 11:35:23.217Z [4225] [209.85.221.53] F=<sender_A@gmail.com> R=<my.email@acme.com> Verifying recipient address with callout
2024-06-26 11:35:23.220Z [4225] H=mail-wr1-f53.google.com [209.85.221.53]:42212 I=[xxx.xxx.xxx.xxx]:25 Ci=4225 X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no SNI=mail.corpnaga.net F=<sender_A@gmail.com> rejected RCPT <my.email@acme.com>: Address unknown
2024-06-26 11:35:23.258Z [4225] H=mail-wr1-f53.google.com [209.85.221.53]:42212 I=[xxx.xxx.xxx.xxx]:25 Ci=4225 incomplete transaction (QUIT) from <sender_A@gmail.com>
2024-06-26 11:35:23.258Z [4225] SMTP connection Ci=4225 from mail-wr1-f53.google.com [209.85.221.53]:42212 I=[xxx.xxx.xxx.xxx]:25 D=0.818s closed by QUIT



2024-06-26 13:35:09.093Z [25823] SMTP connection from [195.149.xx.xxx]:7896 I=[xxx.xxx.xxx.xxx]:25 Ci=25823 (TCP/IP connection count = 0)
2024-06-26 13:35:09.736Z [25823] [195.149.xx.xxx] F=<sender_B@someserver.com> R=<my.email@acme.com> Verifying recipient address with callout
2024-06-26 13:35:09.739Z [25823] H=kpedge.someserver.com [195.149.xx.xxx]:7896 I=[xxx.xxx.xxx.xxx]:25 Ci=25823 X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<sender_B@someserver.com> rejected RCPT <my.email@acme.com>: Address unknown
2024-06-26 13:35:09.749Z [25823] H=kpedge.someserver.com [195.149.xx.xxx]:7896 I=[xxx.xxx.xxx.xxx]:25 Ci=25823 incomplete transaction (QUIT) from <sender_B@someserver.com>
2024-06-26 13:35:09.753Z [25823] SMTP connection Ci=25823 from kpedge.someserver.com [195.149.xx.xxx]:7896 I=[xxx.xxx.xxx.xxx]:25 D=0.660s closed by QUIT

I have currently disabled Recipient verification in Spam protection.
I am wondering what might be wrong and how I should address this issue?

Thank you for your help.



Added TAGs
[edited by: emmosophos at 9:31 PM (GMT -7) on 26 Jun 2024]
Parents
  • +1

    Hello Stojan,

    this happens sometimes when the callout is not answered in a timely manner. Maybe your internal server is not responding to this?

    If you use Windows ADS we could change this to "In Active Directory" instead of "with callout" (to the mailserver).

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • +1

    Hello Stojan,

    this happens sometimes when the callout is not answered in a timely manner. Maybe your internal server is not responding to this?

    If you use Windows ADS we could change this to "In Active Directory" instead of "with callout" (to the mailserver).

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Children
Unfiltered HTML