First off, the relevant environmental information: I'm running Exchange 2007 behind a Barracuda Spam & Virus Firewall 300.
Recently, I've started using a service that sends me a monthly report. Unfortunately, this monthly report comes in an archive that needs to be password protected. Naturally, this led to rejection notifications originating from my Barracuda box (though I suspect they might be straight from the Exchange server, given the plain formatting of the notifications). The odd thing is that I have my password protected archive filter set to quarantine, not block. Furthermore, the blocked mail does not show up in the Barracuda box's message log at all.
To troubleshoot this issue, I've been trying to send a password-protected archive from my personal email addresses to my internal address – I tried whitelisting my personal email addresses both in the Barracuda box and in the Exchange server with
set-contentfilterconfig -bypassedsenders [my address1], [my address2]
but I still got the failure notification when I used my Gmail account, and Hotmail outright rejected the message. (For clarity: this just means Hotmail didn't let me send a message with a password-protected archive attached. It's not unexpected behaviour.)
I even tried
set-contentfilterconfig -bypassedrecipients [my internal address]
but that didn't work either.
Does anyone have any idea what I might be missing here?
Here's the rejection notification:
Delivery to the following recipient failed permanently:
[my internal address]
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the
recipient domain [my domain] by [my Barracuda box's public DNS name]. [My Barracuda box's public IP].
The error that the other server returned was:
552 Password protected zip file found inside of the email
Note that this is different from the usual rejection notifications which look like this:
Delivery has failed to these recipients or distribution lists:
[recipient address]
An error occurred while trying to deliver this message to the recipient's e-mail
address. Microsoft Exchange will not try to redeliver this message for you.
Please try resending this message, or provide the following diagnostic text to
your system administrator.
The following organization rejected your message: cuda.[my domain].
_____
Sent by Microsoft Exchange Server 2007
Best Answer
Problem solved. The issue was being caused by SonicWALL's gateway anti-virus.
Note that there's no indication of the SonicWALL having a hand in it; it even uses the Barracuda box's address instead of its own in the delivery failure message.
Here's what I did:
I'd like to whitelist certain servers just for the SMTP component, but it looks like I can't. Oh well.