Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
751 Views 2 Replies Latest reply: Nov 8, 2013 1:11 PM by ser_caretower RSS
ser_caretower Newcomer 21 posts since
Feb 11, 2013
Currently Being Moderated

Nov 6, 2013 2:52 PM

451 Could not verify recipients All MX servers unavailable for domain - Hybrid to MEG7.5 relay

Hello everyone on the communities.

 

We have this behavior and SAAS is blocking our inbound messages with the next SMTP response ( please see the attachment for a full screenshot description ).

 

MessageDisposition: [451 Could not verify recipients(4a1aa725.0.4874985.00-2011.7739603.s13p02m013.mxlogic.net): All MX serversunavailable for domain caretowerlab.com (Mode: normal); Backend TLS: yes;Backend IP: n/a; Policy Set: Default Inbound]

 

 

If you can have a look and advice it would be much appreciated.

 

Thanks.

 

Sergio

 

 

Hi all,

We cantenable the Hybrid solution under this environment ( typical one ).

Meg 7.5 inExplicit Proxy.

We haveexperienced 2 behaviors:

1:

If wedeactivate the hybrid mode, the emails are pushed to the SAAS and SAAS deliverto our MEG 7.5

Client =>SAAS cloud => MEG 7.5 => Exchange. 

All OK,almost….. The SAAS portal enable full policy set, and we cant push the policiesvia MEG 7.5. The emails are scanned twice by both engine systems (AV – SPAM –DLP – Image – etc).

Obviouslythe activity of the SAAS doesn’t report in MEG 75 ( Blocked by Hybrid 0 , 0 )

Hybrid modeis disabled. Email from our test hits SAAS, process the message and delivers toMEG 7.5

MEG7.5receives the message

We can seethat message on the control console ( by Deactivating the service first, togain access to message Audit )

 

Timestamp

 

Event

 

2013-11-06  19:45:21 GMT

 

Recipient Disposition: [250 Backend; Mode: normal; Queued: no; Frontend  TLS: no; SPF: n/a]

 

2013-11-06  19:45:21 GMT

 

Message Disposition: [250 Backend Replied  [24c9a725.0.4872511.00-2193.7735034.s13p02m013.mxlogic.net]: Requested mail  action okay, completed. (Mode: normal); Backend TLS: yes; Backend IP:  81.142.118.219; Policy Set: Default Inbound]

 

 

Keep your eyes on the Backend IP value.  Now we are going to enable hybrid:

 

2:

If hybridis activated.

The emailsdon’t pass through.

Let me developthe proof.

Theregistration process is completed:

It bringsthe domains that are configured on the SAAS Portal. In this case 2 ( 1 disabled)

 

Se we can see in the portal that is enabled

 

Now iswhere the problems come with big intensity ( SMTP Flow stopped!!! )

Now we aregoing to get more details from the control console, Deactivating the hybridfisrt to enable the Message Audit in the Control Console. 

 

 

 

2013-11-06  19:58:02 GMT

 

Recipient Disposition: [250 Deferred; Mode: normal; Queued: no; Frontend  TLS: no; SPF: n/a]

 

2013-11-06  19:58:02 GMT

 

Message Disposition: [451 Could not verify recipients  (14f9a725.0.382089.00-2332.734135.s13p02m014.mxlogic.net): All MX servers  unavailable for domain caretowerlab.com (Mode: normal); Backend TLS: yes;  Backend IP: n/a; Policy Set: Default Inbound]

 

 

Anothertest: Hybrid enabled.

Now we aregoing to get more details from the control console, deactivating the hybridfirst to enable the Message Audit in the Control Console. 

 

 

 

Timestamp

 

Event

 

2013-11-06  20:08:24 GMT

 

Recipient Disposition: [250 Deferred; Mode: normal; Queued: no; Frontend  TLS: no; SPF: n/a]

 

2013-11-06  20:08:24 GMT

 

Message Disposition: [451 Could not verify recipients  (4a1aa725.0.4874985.00-2011.7739603.s13p02m013.mxlogic.net): All MX servers  unavailable for domain caretowerlab.com (Mode: normal); Backend TLS: yes;  Backend IP: n/a; Policy Set: Default Inbound]

 

 

 

 

We can seea 451 error: All MX Servers are unavailable (?). What really scares is the factof

Backend IP: n/a; when Hybridis enabled.
It looks like the SAASis unable to reach the MEG 7.5 IP address.
TLS settings

 

Note:

Whentesting the SMTP on the Hybrid we get this error / warning

The EHLOresponse from the server after establishing a TLS connection did not offer theexpected extensions

 

We have  tried all the settings in all combinations of the settings, even the  appliance is on Explicit and the below applies to transparent bridge and  router.

 
   

Can  anyone help on this? I have the feeling that it might be due to the firewall  settings which might be filtering encapsulated traffic ? Like ESMPT.
  Or the impossibility of sending the certificate through the port 25 ( stopped  by the Firewall somehow ).

If so why  if we Deactivate the registration with SAAS the mail flows normally?

 

I will  open a case with McAfee to see what else can we try.

 

 

ReferencesConsulted.

http://www.ietf.org/rfc/rfc3207.txt

https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=&aid=2781 9

https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=564175229 CQUGZLHWZOKKPSIX[YJGGYERMPWBCIZ&inc=31043&caller=~%2fFindAnswers.aspx%3flstFilte r_a%3d3%26txtCriteria%3d451+Could+not+verify+recipients%26sSessionid%3d564175229 CQUGZLHWZOKKPSIX[YJGGYERMPWBCIZ

https://community.mcafee.com/thread/61672

https://community.mcafee.com/message/296363

https://community.mcafee.com/thread/57533

 

Thanks,

Sergio_m@caretower.com

Attachments:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points