Emails rejected by DLP Cloud Service with 450 connection refused and Socket error code 10061
Article ID: 170071
Updated On:
Products
Issue/Introduction
All emails are being rejected with connection refused messages, from O365 senders to DLP Cloud Service.
The following is an example of the error:
Reason: [{LED=450 4.4.316 Connection refused [Message=Socket error code 10061]...Environment
Newly provisioned DLP Cloud Service for Email instance, with all messages bouncing from sender.
Cause
The SmartHost connector is not configured correctly - it requires the FQDN for the DLP Cloud Detection Server.
Resolution
Confirm the FQDN details from the Welcome Email sent after the Cloud Detection server was provisioned.
<DetectorID>.ds.dlp.protect.symantec.com
Note that the above FQDN is still correct for customers who were provisioned prior to 2021.
But for customers provisioned since February 2021, the FQDN should be as follows:
<DetectorID>.ds.dlp.protect.broadcom.com
Additional Information
For best results, use NSLOOKUP to verify that the FQDN is valid.
Newer Detectors only have "broadcom.com" as valid FQDN:
> <DetectorID>.ds.dlp.protect.symantec.com
*** nadns.broadcom.net can't find <DetectorID>.ds.dlp.protect.symantec.com: Non-existent domain
> <DetectorID>.ds.dlp.protect.broadcom.com
Non-authoritative answer:
Name: smtp-us-east1-p01-i01-si01.dlp.protect.broadcom.com
Address: 144.49.246.194
Aliases: <DetectorID>.ds.dlp.protect.broadcom.com
Whereas older Detectors have both forms as valid for the domain:
> <DetectorID>.ds.dlp.protect.symantec.com
Non-authoritative answer:
Name: smtp-us-east1-p01-i01-si01.dlp.protect.broadcom.com
Address: 144.49.246.194
Aliases: <DetectorID>.ds.dlp.protect.symantec.com
<DetectorID>.ds.dlp.protect.broadcom.com
Feedback
