Encryption service Secure emails bounce with Failed to Route Message."Errorreading Signon Banner:
01/29/2020 1106 12325
DESCRIPTION: Encryption service Secure emails bounce with Failed to Route Message."Error reading Signon Banner: Connection reset by peer"
With encryption service in place on email security, when users send secure emails it might be possible that emails bounce back with below error. ---------------------------------------------------------------- ~~ SonicWall Email Security Alert (220.127.116.1185) ~~ ---------------------------------------------------------------- [Summary: Failed to Route Message] Details: Host Name: emailsec.sonicWall.com Description: Unable to route msg to server in policy 'Send Secure Mail: Deliver Message via En'. (ssl.securemail.com:25 [18.104.22.168:25] Error reading Signon Banner: Connection reset by peer) Time Stamp: Local Time: Wed Dec 31 10:38:55 2014 GMT: Wed Dec 31 15:38:55 2014 Additional Information: Recommended Action: Verify the destination server is on, and able to receive mail. Alert Configuration Page: http://emailsec.sonicwall.com/policy.html?hopto=policy.html General Alert Settings: http://emailsec.sonicwall.com/settings_monitoring.html?hopto=settings_monitoring.html
Resolution or Workaround:
To find the cause of the issue, download SMTP log and you will see following errors:
SMTP logs: Line 13780: 2014-12-31 15:38:55.335 debug [14317:2817977200] MlfSmtpClient.cpp:446 Connect() (session=201412311537520040940) Error reading Signon Banner: Connection reset by peer Line 13781: 2014-12-31 15:38:55.335 debug [14317:2817977200] MessageProcessor.cpp:3807 (session=201412311537520040940) Message Status: rejected => from: [email@example.com] to: [firstname.lastname@example.org] Line 13782: 2014-12-31 15:38:55.335 warn [14317:2817977200] MessageProcessor.cpp:1974 (session=201412311537520040940) Unable to route msg to server in policy 'Send Secure Mail: Deliver Message via En'. (ssl.securemail.com:25 [22.214.171.124:25] Error reading Signon Banner: Connection reset by peer) Line 13789: 2014-12-31 15:38:55.435 debug [14317:2817977200] MessageProcessor.cpp:1985 (session=201412311537520040940) Processing Message - successfully sent 'Failed to Route Message' alert Line 13790: 2014-12-31 15:38:55.436 debug [14317:2817977200] SMTPSession.cpp:3822 (session=201412311537520040940) MessageProcessorResult=5 outboundPath=1 Line 13791: 2014-12-31 15:38:55.438 debug [14317:2817977200] SMTPSession.cpp:743 (session=201412311537520040940) QUEUEING REAL CMD [RSET] Line 13792: 2014-12-31 15:38:55.438 debug [14317:2817977200] SMTPSession.cpp:504 (session=201412311537520040940) ECHO REMOTE MSG: 550 5.0.0 Message Rejected.
Checking SMTP logs from email security could show this Error reading Signon Banner: Connection reset by peer.
Performing packet capture on firewall shows as packets are being dropped due to network and enforced firewall rules.
This usually happens when they enable SSO authentication on firewall, so make sure to exclude the SonicWall email security IP address from SSO authentication.
This is vital for devices who do not require user authentication via SSO such as; Macintosh Apple Computers, iPads, Printers and Smart phones or Servers that do not run with a logged in user.
Below is a screenshot of the Enforcement tab on the SSO configuration properties dialog box. Here you will notice "SSO Bypass" option this is used to bypass SSO agent and allow services, hosts, Networks or Range of IPs to send their traffic through the SonicWall without having to go through user authentication via SSO.
User names used by Windows services: Programs such as a video card software, for example NVIDIA's Update, can cause issues and need to be bypassed from SSO agent in the option shown to the right.
Below are the steps for SSO enforcement:
Step 1Login to your SonicWall security appliance. Step 2 Navigate to Users > Settings. Step 3 In the Single-sign-on method drop-down menu, select SonicWall SSO Agent. Step 4Click Configure button.The SSO configuration page is displayed.