Palo sending email issue

Reply
Highlighted
L3 Networker

Palo sending email issue

Is anyone else having the "failed to forward log to mail server: aspmx.l.google.com" causing a "mailclient: error reply: 421 4.7.0 Email Senders Guidelines. l.12 - gsmtp"  for google's mail?

Possibly started with 6.14 and maybe 6.13. I had my email settings working up until I upgraded to 6.1.3 when it all stopped. I didnt change a thing except for PAN-OS. Upgrading to 6.1.4 didn't resolve it either.

I traced it down to gmail's need for using <> in email name. Wonder if PNA 6.13+ isn't properly using <>?

I tried manually to send email with the from and to and the same ip as PAN and it worked but PAN itself has logs showing it's having a syntax issue sending mail.

These are the logs generated:

2015-06-01 17:29:28.426 -0400 Error:  _pan_email(pan_email.c:295): failed to forward log to mail server: aspmx.l.google.com

mailclient: error reply: 421 4.7.0 Email Senders Guidelines. j8si13629871qcl.12 - gsmtp

2015-06-01 17:30:01.051 -0400 Error:  _pan_email(pan_email.c:295): failed to forward log to mail server: aspmx.l.google.com

2015-06-01 17:30:05.280 -0400 Error:  pan_email_settings_parse(pan_server_settings.c:720): email and-also-tonot specified

mailclient: error reply: 421 4.7.0 Email Senders Guidelines. p74si13966875qha.68 - gsmtp

2015-06-01 17:30:05.341 -0400 Error:  _pan_email(pan_email.c:295): failed to forward log to mail server: aspmx.l.google.com

,Email Medium-critical,,,,Email Medium-critical,,Email Medium-critical,,,,Email Medium-critical,,,,Email Medium-critical,,,,,,,2015-06-01 17:30:14.139 -0400 Error:  pan_cfg_get_sysd_bool(pan_cfg_utils.c:5508): failed to fetch: NO_MATCHES

2015-06-01 17:30:17.251 -0400 Error:  pan_email_settings_parse(pan_server_settings.c:720): email and-also-tonot specified

Highlighted
L3 Networker

sigh - Palo folks... thoughts?

Highlighted
L7 Applicator

Quick test in the lab shows that this works just fine for me with PAN-OS 6.1.3, 6.1.4, and 7.0.0 on a VM-300 firewall forwarding alerts to a personal gmail.com account. 

Here's a couple of helpful links.  The first link shows the acceptable use-cases for aspmx.l.google.com... make sure you are in compliance with that.  ie: are you only sending the e-mail to a gmail account or are you trying to use aspmx.l.google.com as a SMTP relay to relay the alerts to another domain? 

The 2nd link has a listing of the error codes and what they mean.  The 421,4.7.0 error is suspicious... usually points to getting blocked because of too many e-mails... but if you were able to send using a different mail client to the same address(es) using the same source IP, e-mail server configuration, destination e-mail addresses, etc. then it could be something else.  Good luck. 

Google Apps SMTP settings to send mail from a printer, scanner, or app - Google Apps Help

SMTP Error Reference - Google Apps Help

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!