Urgent ESA Issue - 2022-09-08-1
Incident Report for Security: Urgent Notices
Resolved
This incident has been resolved.
Posted Sep 08, 2022 - 17:09 EDT
Monitoring
A fix has been implemented and we are monitoring the results.
Posted Sep 08, 2022 - 15:16 EDT
Update
We are continuing to investigate this issue.
Posted Sep 08, 2022 - 14:43 EDT
Investigating
Issue History

2022-09-08 13:30 ET - Initial document created.
2022-09-08 15:15 ET - Service restored, monitoring.

Problem Description

We are seeing issues with some ESAs establishing a TLS connection to the Sender Domain Reputation (SDR) service. This is causing work queue backups for the affected customers.

Problem Symptoms

Entries similar to the following will appear in the Sender Domain Reputation logs:



Thu Sep 8 21:55:32 2022 Critical: client.rpc_server : THR: Thread-24: MID: XXXX389 Error occurred while connecting your appliance to the Cisco Talos Sender Domain Reputation service. Solution: Refer to the Cisco Email Security appliance user guide to obtain the hostname or IP address block details to use on the proxy server, firewall, or other devices on the network to enable the appliance to connect to the Cisco Talos cloud service.
Note: You must not decrypt the HTTPS traffic originating from the appliance on a network device.
Thu Sep 8 21:55:40 2022 Warning: client.rpc_server : THR: Thread-149: MID: XXXX389 SDR Request has failed due to Deadline Exceeded
Thu Sep 8 21:55:52 2022 Warning: client.rpc_server : THR: Thread-138: MID: XXXX390 SDR Request has failed due to Deadline Exceeded
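
One way to check exported Sender Domain Reputation logs for these symptoms, as an added example that is not part of Cisco's notice: it parses the line layout shown above and reports when several failures cluster together. The function names, the threshold of 3 events and the 5-minute window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Line layout and symptom strings are taken from the log entries quoted above.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} +\d{1,2} \d{2}:\d{2}:\d{2} \d{4}) (?P<sev>\w+): "
    r"client\.rpc_server : THR: (?P<thr>[\w-]+): MID: (?P<mid>\S+) (?P<msg>.*)$"
)
SIGNATURES = {
    "connect_error": "Error occurred while connecting your appliance to the "
                     "Cisco Talos Sender Domain Reputation service",
    "deadline_exceeded": "SDR Request has failed due to Deadline Exceeded",
}

# The entries from this notice (first message shortened), kept inline as sample input.
SAMPLE = """\
Thu Sep 8 21:55:32 2022 Critical: client.rpc_server : THR: Thread-24: MID: XXXX389 Error occurred while connecting your appliance to the Cisco Talos Sender Domain Reputation service.
Note: You must not decrypt the HTTPS traffic originating from the appliance on a network device.
Thu Sep 8 21:55:40 2022 Warning: client.rpc_server : THR: Thread-149: MID: XXXX389 SDR Request has failed due to Deadline Exceeded
Thu Sep 8 21:55:52 2022 Warning: client.rpc_server : THR: Thread-138: MID: XXXX390 SDR Request has failed due to Deadline Exceeded
"""

def parse_events(lines):
    """Return sorted (timestamp, kind, mid) tuples for lines matching a symptom."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # continuation lines ("Note: ...") and other log formats
        kind = next((k for k, s in SIGNATURES.items() if s in m["msg"]), None)
        if kind:
            # split/join collapses the padding some logs put before a one-digit day
            ts = datetime.strptime(" ".join(m["ts"].split()), "%a %b %d %H:%M:%S %Y")
            events.append((ts, kind, m["mid"]))
    return sorted(events)

def sdr_outage(lines, threshold=3, window=timedelta(minutes=5)):
    """Summarise the first run of >= threshold symptom events within window, else None.
    threshold and window are assumed values to tune, not vendor guidance."""
    events, start = parse_events(lines), 0
    for end, (ts, _, _) in enumerate(events):
        while ts - events[start][0] > window:
            start += 1
        if end - start + 1 >= threshold:
            hit = events[start:end + 1]
            return {"first": hit[0][0], "last": ts, "count": len(hit),
                    "kinds": sorted({k for _, k, _ in hit}),
                    "mids": sorted({m for _, _, m in hit})}
    return None

if __name__ == "__main__":
    print(sdr_outage(SAMPLE.splitlines()))
```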





Workaround/Solution

To keep this from affecting mail flow, you can log in via the CLI and disable the SDR checks by running sdrconfig and answering Y at the following prompt:

> sdrconfig

Would you like to disable the Sender Domain Reputation check? [N]>



For More Information

If you require further assistance, or if you have any further questions regarding this issue, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

· Open a service request on Cisco.com
· By email
· By telephone

Receive Notifications for Urgent Issues (Email, SMS, RSS)

To receive updates on this incident or new incidents moving forward, open the link below in your web browser. Select SUBSCRIBE TO UPDATES located in the top right corner of the page, choose your preferred notification method, enter your details, and click SUBSCRIBE.

http://urgentnotices.statuspage.io/
Posted Sep 08, 2022 - 14:03 EDT
This incident affected: Security Services (URL Filtering).