Why is Google/Gmail/Postini giving a Command Unrecognized: "XXXXXXXX" error?
Posted by Andrew Weisz on 13 July 2012 04:41 PM
Google/GMail/Postini returns a "Delivery Status Notification (Failure)" message with the following text:
Delivery to the following recipient failed permanently:
This may also appear with (state 9); or appear for mail servers other than Google/GMail/Postini.
Most likely a Cisco ASA is performing "inspect esmtp" or "inspect smtp" on incoming e-mail traffic. If the Cisco ASA finds an objectionable incoming SMTP command, it will re-write the command replacing it with 'XXXXXXXX', before sending to your server. 'XXXXXXXX' is NOT a valid SMTP command, causing the receiving mail server to issue a '500 Unrecognized Command' response.
The immediate fix for this issue is to disable "inspect ESMTP" and "inspect SMTP" on the Cisco ASA causing problems.
To verify this is the problem, you will need to capture the network traffic before and after the Cisco ASA to determine what SMTP command is triggering this issue. Then a bug report can be filed with Cisco, if it hasn't been fixed already in their recent ASA software.
With SMTP inspection, Cisco monitors SMTP commands and the firewall esmtp state machine keeps track of the SMTP state, generating errors if the following rules are not observed: