Please contact your support team and open a service request for this issue so it can be investigated further.
System Support Specialist
SaaS Email and Web Security
McAfee. Part of Intel Security.
More often than not, you will find this is an issue with the recipients server rejecting the SMTP connection, e.g. Firewall issue.
we have the same problem that started yesterday.. The rejected emails from MXLOGIC is completely random.. I have a ticket open with them, and apparently there's a parent ticket which they are looking into affecting multiple customers
But is it really McAfee rejecting the email? This is not an error that is generated by McAfee.
yes.. the bounceback error is saying that mxlogic server is rejecting the message. At least for us that's the message that we've been getting. I've been told by the mxlogic support team this morning that its the only major ticket that has been escalated and is being worked on currently.
The NDR says the sender's server is generating the NDR, for which McAfee is relaying back. That's how I see it.
The 502 Command Not Implemented error was technically issued by the SaaS Email Protection service, however it was caused by the sending server. The 502 error is issued rarely, only when a sending server continues to feed data to a McAfee MTA after a tempfail or other bounce has been issued, or when a sending server attempts to issue a command that is non-standard (such as VRFY). In many cases we saw yesterday, our system issued a temp-fail for a message suspected to be spam, which was ignored by the sending server which continued to send data. The SaaS System responded to that continued data with a command not implemented error since the information it was receiving was not a command response, but more data, which the service could no longer interpret since the data phase of the transaction was closed.
Most instances over the last few days were caused by systems that had been unknowngly infected with malware that generated fax-spam.
Bradly McGarr, Security+, MCP, MTA-Windows OS, CIW-WFA, A+
McAfee SaaS Email & Web Security Technical Support Technician
The only reference I find so far in the McAfee KB, relates to outbound servers, TLS and Cisco PIX or ASA Firewall. If this is an additional reaction with McAfee's MTA, this would be a good additional KB item to add.
It's not likely to be added any time soon to the KB since it was a "perfect storm" of factors that are exceptionally unlikely to occur under normal circumstances.