- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
Encryption service Secure emails bounce with Failed to Route Message."Errorreading Signon Banner:
01/29/2020 
1,106 People found this article helpful
98,533 Views
Description
Encryption service Secure emails bounce with Failed to Route Message."Error reading Signon Banner: Connection reset by peer"
Resolution
Problem Definition:
With encryption service in place on email security, when users send secure emails it might be possible that emails bounce back with below error.
----------------------------------------------------------------
~~ SonicWall Email Security Alert (8.0.6.2785) ~~
----------------------------------------------------------------
[Summary: Failed to Route Message]
Details:
Host Name: emailsec.sonicWall.com
Description: Unable to route msg to server in policy 'Send
Secure Mail: Deliver Message via En'.
(ssl.securemail.com:25 [54.208.11.82:25] Error
reading Signon Banner: Connection reset by peer)
Time Stamp:
Local Time: Wed Dec 31 10:38:55 2014
GMT: Wed Dec 31 15:38:55 2014
Additional Information:
Recommended Action: Verify the destination server is on, and
able to receive mail.
Alert Configuration Page: http://emailsec.sonicwall.com/policy.html?hopto=policy.html
General Alert Settings: http://emailsec.sonicwall.com/settings_monitoring.html?hopto=settings_monitoring.html
Resolution or Workaround:
To find the cause of the issue, download SMTP log and you will see following errors:
SMTP logs:
Line 13780: 2014-12-31 15:38:55.335 debug [14317:2817977200] MlfSmtpClient.cpp:446 Connect() (session=201412311537520040940) Error reading Signon Banner: Connection reset by peer
Line 13781: 2014-12-31 15:38:55.335 debug [14317:2817977200] MessageProcessor.cpp:3807 (session=201412311537520040940) Message Status: rejected => from: [test@test.com] to: [test@test.com]
Line 13782: 2014-12-31 15:38:55.335 warn [14317:2817977200] MessageProcessor.cpp:1974 (session=201412311537520040940) Unable to route msg to server in policy 'Send Secure Mail: Deliver Message via En'. (ssl.securemail.com:25 [54.208.11.82:25] Error reading Signon Banner: Connection reset by peer)
Line 13789: 2014-12-31 15:38:55.435 debug [14317:2817977200] MessageProcessor.cpp:1985 (session=201412311537520040940) Processing Message - successfully sent 'Failed to Route Message' alert
Line 13790: 2014-12-31 15:38:55.436 debug [14317:2817977200] SMTPSession.cpp:3822 (session=201412311537520040940) MessageProcessorResult=5 outboundPath=1
Line 13791: 2014-12-31 15:38:55.438 debug [14317:2817977200] SMTPSession.cpp:743 (session=201412311537520040940) QUEUEING REAL CMD [RSET]
Line 13792: 2014-12-31 15:38:55.438 debug [14317:2817977200] SMTPSession.cpp:504 (session=201412311537520040940) ECHO REMOTE MSG: 550 5.0.0 Message Rejected.
-
Checking SMTP logs from email security could show this Error reading Signon Banner: Connection reset by peer.
-
Performing packet capture on firewall shows as packets are being dropped due to network and enforced firewall rules.
-
This usually happens when they enable SSO authentication on firewall, so make sure to exclude the SonicWall email security IP address from SSO authentication.
-
This is vital for devices who do not require user authentication via SSO such as; Macintosh Apple Computers, iPads, Printers and Smart phones or Servers that do not run with a logged in user.
-
Below is a screenshot of the Enforcement tab on the SSO configuration properties dialog box. Here you will notice "SSO Bypass" option this is used to bypass SSO agent and allow services, hosts, Networks or Range of IPs to send their traffic through the SonicWall without having to go through user authentication via SSO.
User names used by Windows services: Programs such as a video card software, for example NVIDIA's Update, can cause issues and need to be bypassed from SSO agent in the option shown to the right.
Below are the steps for SSO enforcement:
Step 1 Login to your SonicWall security appliance.
Step 2 Navigate to Users > Settings.
Step 3 In the Single-sign-on method drop-down menu, select SonicWall SSO Agent.
Step 4 Click Configure button.The SSO configuration page is displayed.
Below is screenshot for reference|
Related Articles
- SonicWall HES IP address blocklisted by UCEProtect or Backscatter
- How to add O365 connector for domain specific routing
- SonicWall Email Security on Hyper-V Platform
Categories
- Email Security > Email Security Appliance
- Email Security > Email Security Software
- Email Security > Hosted Email Security
YES
NO