Hi there,
Does anyone have experince of implementing Meraki firewall along with ArGo mail server?
My mail server isn't working properly after I install MX84. A lot of pending emails got stuck in the outbox of mail server but it happens occasionally. it took around 10 mins to delivered success.
- I have checked bandwith on the MX84 and it's not full when the problem occurred.
- Rule checked on the MX84 (Allow any any at the end).
- I have set the mail server as whitelist in MX84.
- No endpoint firewall on the mail server
Below is ArGo mail server setting.
Please help me on this.
Thank you
I have no experience with ArGo, but are you sure this is due to the MX84? Mailservers sometimes tend to delay delivery to avoid being blocked as spam servers due to high numbers of delivered e-mail.
The only thing that is not bypassed when the Server is whitelisted is IPS/IDS on the MX.
Go ahead and disable Intrusion Detection under Security SD WAN -> Threat Protection and see if the outbox starts clearing.
I'm thinking @Seshu is on the right track, it is IPS causing the problem. It currently has sigatures that firewall on large SMTP headers (can't quite remember, but like 512 bytes or larger).
If you go "Security & SD-WAN/Threat Protection", and the go to the "Intrusion detection and prevention" section, and then "White Listed Rules" and then click on "Whitelist an IDS rule" the drop down box shows rules that have recently fired.
You can also enter (smtp) in the search box. If something shows up that you can make a decision if it is a real threat or not. If not a threat then add it to the whitelist.
Hi @PhilipDAth and @Seshu,
Thank you for your advice but I'm sorry to say that my MX84 is running on Enterprise license. So, there is no "Intrusion detection and prevention" available.
You'll need to get a packet capture of it happening ... but it's probably not the MX84 then.
Perhaps you are making it onto an MX black list?
@jumpy As @PhilipDAth suggested, simultaneous packet captures on MX LAN and WAN interfaces should be the way to go to actually trace if the MX is resetting the connections to/from the server
Might want to review your MX records and make sure they are set correctly