Link to home
Start Free TrialLog in
Avatar of rmullins83
rmullins83

asked on

Email issue - Remote connection dropped by remote host

We have an Exchange 2003 mail server with an SMTP conenctor setup to our ISP smtp server setup for outgoing emails. Most of the emails that we send seem to go out fine but a growing number are getting stuck in the SMTP mail queue with a 'retry' status (most seem to have large attachments). I ran a DNSreport against our domain and it flagged a connection error to our mail host (mail.domain.co.uk).

ERROR: I could not complete a connection to one or more of your mailservers:
mail.X.co.uk: Timed out [Last data sent: [Did not connect]]

I tried to telnet to our mail.domain.co.uk host and that failed to connect. Ping seems to work but I think that may be the firewall responding rather than the server. At the moment port forwarding to our mail server is setup on our firewall for HTTPS and SMTP. I think this connection issue may be causing reverse DNS from remote mail servers to fail. Any help on correcting this connection issue to our mail server would be appreciated.

regards,
RM
Avatar of peakpeak
peakpeak
Flag of Sweden image

If you cannot connet to your mail server with Telnet that's a huge issue. That part MUST work:
telnet <mail server public ip> 25
That has to work for the mail to flow.
Note that you may not be able to connect to the mail server from inside.  You need to test from the outside of your network.
did you telnet to port 25? - just plain telnet will fail

Avatar of rmullins83
rmullins83

ASKER

Yes i did telnet using telnet mail.X.co.uk 25 and that failed to connect. This was done from a PC outside of the corporate network.
ASKER CERTIFIED SOLUTION
Avatar of abhaigh
abhaigh
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
We are using a netgear DG834G router firewall and have SMTP (TCP 25) configured as an approved service for inbound and outbound connections.
I can telnet and ping OK from within the network, so this must be a firewall issue then but not to sure what :(
I'd be looking at the particular rule in your ruleset that mediates the communications between the outside world an your exchage server in the first instance
We use RPC over HTTPS using this firewall (which uses an inbound HTTPS rule to the mail server) and that works fine. SMTP is configured in the same way using a service name, port range and destination IP (mail server). I have just rerun the DNSreport and the conenction error to the mail host FQDN has corrected itself.
I have a similar sounding problem with a Netgear DG834G router running on Demon internet.  We are getting SMTP mail rejected when large attachments are involved.  I have seen a Netgear site that suggest reducing the MTU as low as 1400.  Does anyone have a view on this?
I have done further tests on our system.

I found that pinging from the server to anywhere outside was not reliable with packets of more that about 1425.  The setting in my DG834G was 1458, so I have now set it to 1400 and tested again with e-mails carrying attachments of 10MBytes.  This seems to work.

I'm not sure whether the MTU is an issue with the router or the Telephone network.  Does anyone have a view on this?
The default settig for MTUs on the DG834G seems to be 1458. We use Eclipse UK as our ISP so will get in contact with them and see what they recommend. At least then I can get answer that will narrow down if it is a router issue or PSTN issue.
Going back to the original problem, I had the smtp connector setup using a domain name rather than an IP address. This seems to have speeded up the connections a lot. Haven't changed the MTU within the router as emails with attachments so far have gone out fine. Found the site that recommended the MTU change to 1400, but will go down that route if the problems arise again. Thanks for all your posts.
On the telnet front and getting responses back from the mail server. Are there any settings within Windows Server that will block telnet from responding. I don't think this is a firewall issue as the same config is used for HTTPS and HTTP inbound packets and they all seem fine.
so long as you are telnetting to port 25 and the smtp service is running - no, the server will always HELO

if you just try to telnet %server% you will be trying to reach port 23 instead

you need to telnet %server% 25 to reach the smtp port