Cisco Bug: CSCvv45646 - DHAP handling on SBOs in 13.5 incorrectly matches SBOs instead of IDs
Oct 10, 2020
- Cisco IronPort Email Security Appliance Software
Known Affected Releases
Symptom: After upgrading to a 13.5.x build a customer may find that their pre-existing mail load is now generating DHAP failures, and that emails they want are now being rejected. Conditions: This defect applies to any customer configured with DHAP enabled. In the past, we had associated IPs with the submasks used by the site owning those. Now we are using the Sender Base Organization ID associated with that IP. The problem is that nowdays there are plenty of hosted sites in the world. So if a customer's email is hosted by Amazon or Amazon owns the IPs fronting their servers (AWS), they will all get counted as one sum against the DHAP limit. And Amazon hosts 46 million IPs, 458 thousand of those IPs send out emails.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases