Forum Discussion
ASM secheduled reports "SMTP Error: The following recipients failed"
- Sep 07, 2022
Thanks for your reply !!
It's really helpful to let me think about the error may not cause by BIG-IP it self.
Although in pcap the SMTP server reponsed status 220 and 250, which should mean the request was successed. But the connection terminated at SMTP RCPT phase.
So, I searched SIEM logs to find out which device cut the connection down. Eventually it comes firewall between DMZ and Intranet dropped the request. Our firewall admin only allowed BIGIP connect SMTP port 465, which our SMTP serve at port 25. It seems BIGIP "Test Connection" doesn't base on port. (And I really have no idea why L4 firewall didn't drop the connection at the first time SMTP handshake in disallow port.)
Secheduled Reports worked fine after changed the firewall allowing WAF to SMTP server port 25.
Thanks again!
Hi,
Seen that the test button is working correctly, I suspect the problem is in the handling of the traffic on the mail server side. Maybe the sending account is not allowed to send mails, or possibly the IP address it's coming from, is not on the mail servers allowed-list? Even though authentication may not be required, there are still other mechanisms that may stop it from accepting the mail.
In the pcap's that you've taken, you should find the SMTP response codes (https://www.socketlabs.com/blog/21-smtp-response-codes-that-you-need-to-know/), these should give you a good indication of what the mail server responds. I often use these codes to then look into the mail server logs for further details.
Hope this helps.
- WilliamLinSep 07, 2022Nimbostratus
Thanks for your reply !!
It's really helpful to let me think about the error may not cause by BIG-IP it self.
Although in pcap the SMTP server reponsed status 220 and 250, which should mean the request was successed. But the connection terminated at SMTP RCPT phase.
So, I searched SIEM logs to find out which device cut the connection down. Eventually it comes firewall between DMZ and Intranet dropped the request. Our firewall admin only allowed BIGIP connect SMTP port 465, which our SMTP serve at port 25. It seems BIGIP "Test Connection" doesn't base on port. (And I really have no idea why L4 firewall didn't drop the connection at the first time SMTP handshake in disallow port.)
Secheduled Reports worked fine after changed the firewall allowing WAF to SMTP server port 25.
Thanks again!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com