Encryption service Secure emails bounce with Failed to Route Message."Errorreading Signon Banner:
01/29/2020 
1106 
12751
DESCRIPTION:
Encryption service Secure emails bounce with Failed to Route Message."Error reading Signon Banner: Connection reset by peer"
RESOLUTION:
Problem Definition:
With encryption service in place on email security, when users send secure emails it might be possible that emails bounce back with below error.
----------------------------------------------------------------
~~ SonicWall Email Security Alert (8.0.6.2785) ~~
----------------------------------------------------------------
[Summary: Failed to Route Message]
Details:
Host Name: emailsec.sonicWall.com
Description: Unable to route msg to server in policy 'Send
Secure Mail: Deliver Message via En'.
(ssl.securemail.com:25 [54.208.11.82:25] Error
reading Signon Banner: Connection reset by peer)
Time Stamp:
Local Time: Wed Dec 31 10:38:55 2014
GMT: Wed Dec 31 15:38:55 2014
Additional Information:
Recommended Action: Verify the destination server is on, and
able to receive mail.
Alert Configuration Page: http://emailsec.sonicwall.com/policy.html?hopto=policy.html
General Alert Settings: http://emailsec.sonicwall.com/settings_monitoring.html?hopto=settings_monitoring.html
Resolution or Workaround:
To find the cause of the issue, download SMTP log and you will see following errors:
SMTP logs:
Line 13780: 2014-12-31 15:38:55.335 debug [14317:2817977200] MlfSmtpClient.cpp:446 Connect() (session=201412311537520040940) Error reading Signon Banner: Connection reset by peer
Line 13781: 2014-12-31 15:38:55.335 debug [14317:2817977200] MessageProcessor.cpp:3807 (session=201412311537520040940) Message Status: rejected => from: [test@test.com] to: [test@test.com]
Line 13782: 2014-12-31 15:38:55.335 warn [14317:2817977200] MessageProcessor.cpp:1974 (session=201412311537520040940) Unable to route msg to server in policy 'Send Secure Mail: Deliver Message via En'. (ssl.securemail.com:25 [54.208.11.82:25] Error reading Signon Banner: Connection reset by peer)
Line 13789: 2014-12-31 15:38:55.435 debug [14317:2817977200] MessageProcessor.cpp:1985 (session=201412311537520040940) Processing Message - successfully sent 'Failed to Route Message' alert
Line 13790: 2014-12-31 15:38:55.436 debug [14317:2817977200] SMTPSession.cpp:3822 (session=201412311537520040940) MessageProcessorResult=5 outboundPath=1
Line 13791: 2014-12-31 15:38:55.438 debug [14317:2817977200] SMTPSession.cpp:743 (session=201412311537520040940) QUEUEING REAL CMD [RSET]
Line 13792: 2014-12-31 15:38:55.438 debug [14317:2817977200] SMTPSession.cpp:504 (session=201412311537520040940) ECHO REMOTE MSG: 550 5.0.0 Message Rejected.
Checking SMTP logs from email security could show this Error reading Signon Banner: Connection reset by peer.
Performing packet capture on firewall shows as packets are being dropped due to network and enforced firewall rules.
This usually happens when they enable SSO authentication on firewall, so make sure to exclude the SonicWall email security IP address from SSO authentication.
This is vital for devices who do not require user authentication via SSO such as; Macintosh Apple Computers, iPads, Printers and Smart phones or Servers that do not run with a logged in user.
Below is a screenshot of the Enforcement tab on the SSO configuration properties dialog box. Here you will notice "SSO Bypass" option this is used to bypass SSO agent and allow services, hosts, Networks or Range of IPs to send their traffic through the SonicWall without having to go through user authentication via SSO.
User names used by Windows services: Programs such as a video card software, for example NVIDIA's Update, can cause issues and need to be bypassed from SSO agent in the option shown to the right.
Below are the steps for SSO enforcement:
Step 1 Login to your SonicWall security appliance.
Step 2 Navigate to Users > Settings.
Step 3 In the Single-sign-on method drop-down menu, select SonicWall SSO Agent.
Step 4 Click Configure button.The SSO configuration page is displayed.
Below is screenshot for reference|
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
Email SecurityProtect against today’s advanced email threats
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
