No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


An Intranet Mail Server Cannot Send Email Messages When a USG2210 Serves as the Egress Gateway

Publication Date:  2015-10-13 Views:  855 Downloads:  0
Issue Description
The USG2210 serves as the egress gateway. The IP address of the LAN interface is, and the IP address of the WAN interface is x.246.10.3/24. The IP address of the intranet mail server is Intranet users cannot send email messages through the intranet mail server, but they can do that before the USG2210 is deployed.
Handling Process
Step 1 Check the software version and configuration information.

<USG2200>display version
14:11:32  2014/12/29
Huawei Versatile Routing Platform Software
Software Version: USG2200 V300R001C10SPC100 (VRP (R) Software, Version 5.30)
Copyright (C) 2008-2014 Huawei Technologies Co., Ltd.
Secoway USG2210 uptime is 1 week, 1 day, 2 hours, 26 minutes

Step 2 Change the TCP-MSS value, but the problem persists.

[USG2200]firewall tcp-mss 1300
15:27:48  2014/12/30
Warning: Configure tcp-mss will affect the system's normal service.
Continue? [Y/N]:y

Step 3 Capture packets on the mail server. The analysis of captured packets shows that the email messages are rejected due to poor reputation.

Step 4 Query the IP address reputation on the Spamhaus website. It is found that x.246.10.x in the NAT address pool of the USG2210 is blacklisted.

  Spamhaus is an international non-profit organization. Its major task is to trace spammers over the Internet and provide the spammer list to commercial spam filtering organizations.

Root Cause
The cause of the email message sending failure is that the address in the NAT address pool is in the spammer blacklist. The possible cause is that too many spams were sent from the intranet.
Currently, Spamhaus is the most influential anti-spam organization in the world. It is said that more than 80% of servers worldwide reject email messages sent from the mail servers blacklisted by Spamhaus.
You can initiate an appeal for the blacklisted IP address. If needed, query the appeal on a search engine. Alternatively, refer to the appeal procedure in