ObiLan

asked on

Exchange SMTP timeout for certain incoming sender domain if sender sends attachment

I have a server with Exchange 2003 which fails to receive mail from a certain outside domain if the sender sends an attachment. If a sender from this same domain sends email without attachments, it arrives normally. I have this Exchange server behind a Watchguard Edge firewall with port redirection configured. I sent mail with a 15Mb attachment from another outside server and it arrived normally.

So far I have updated NIC card drivers, lowered MTU to 1300 (tested with ping -f -l) and set the SMTP server timeout up to 20 minutes. I constantly see 2-3 open SMTP sessions from this trouble domain; they are cut at 20 minutes and after a while they are back. From the logs I found the following:

2008-10-07 19:46:40 xxx.xxx.xxx.xxx sender.domain.fi server xxx.xxx.xxx.xxx EHLO 250 0 313 23 0 SMTP -
2008-10-07 19:46:40 xxx.xxx.xxx.xxx sender.domain.fi server xxx.xxx.xxx.xxx MAIL 250 0 52 51 0 SMTP -
2008-10-07 19:46:40 xxx.xxx.xxx.xxx sender.domain.fi server xxx.xxx.xxx.xxx RCPT 250 0 37 34 0 SMTP -
2008-10-07 19:46:40 xxx.xxx.xxx.xxx sender.domain.fi server xxx.xxx.xxx.xxx MAIL 250 0 50 49 15 SMTP -
2008-10-07 19:46:40 xxx.xxx.xxx.xxx sender.domain.fi server xxx.xxx.xxx.xxx RCPT 250 0 37 34 0 SMTP -
2008-10-07 19:47:05 xxx.xxx.xxx.xxx sender.domain.fi server xxx.xxx.xxx.xxx TIMEOUT 121 2126935634 84 4 3625282 SMTP -

Also, the sender sent me a delivery delayed message:

< sender.domain.fii #4.0.0 X-Symantec-Brightmail-Gateway; conversation with    receiver.domain.fi [xxx.xxx.xxx.xxx] timed out while sending message body>

So the connection times out even if I have set the timeout limit to 60min. What to do?
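A way to see which sending hosts stall after RCPT, sketched as an added example (not code from the thread or from Microsoft). It assumes the column order of the log lines quoted in the question and that a DATA line is written only once a message body has been received; the sample log, host names and addresses are constructed.

```python
import re
from collections import Counter, defaultdict

# Assumed layout (from the quoted lines): date, time, client IP, client host,
# server name, server IP, SMTP verb, then numeric counters that are ignored here.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2}) (\d{2}:\d{2}:\d{2})\s*"  # \s* tolerates a fused time/IP
    r"(\S+) (\S+) (\S+) (\S+) ([A-Z]+)\b"
)

# Constructed sample; addresses are documentation ranges, hosts are made up.
SAMPLE_LOG = """\
2008-10-07 19:46:40 192.0.2.10 sender.domain.fi server 198.51.100.5 EHLO 250 0 313 23 0 SMTP -
2008-10-07 19:46:40 192.0.2.10 sender.domain.fi server 198.51.100.5 MAIL 250 0 52 51 0 SMTP -
2008-10-07 19:46:40 192.0.2.10 sender.domain.fi server 198.51.100.5 RCPT 250 0 37 34 0 SMTP -
2008-10-07 19:47:05 192.0.2.10 sender.domain.fi server 198.51.100.5 TIMEOUT 121 2126935634 84 4 3625282 SMTP -
2008-10-07 19:50:01192.0.2.10 sender.domain.fi server 198.51.100.5 RCPT 250 0 37 34 0 SMTP -
2008-10-07 20:10:01 192.0.2.10 sender.domain.fi server 198.51.100.5 TIMEOUT 121 2126935634 84 4 1200000 SMTP -
2008-10-07 19:48:00 192.0.2.20 mx.example.net server 198.51.100.5 RCPT 250 0 37 34 0 SMTP -
2008-10-07 19:48:02 192.0.2.20 mx.example.net server 198.51.100.5 DATA 250 0 120 5120 2000 SMTP -
2008-10-07 19:55:00 192.0.2.20 mx.example.net server 198.51.100.5 RCPT 250 0 37 34 0 SMTP -
2008-10-07 20:15:00 192.0.2.20 mx.example.net server 198.51.100.5 TIMEOUT 121 2126935634 84 4 1200000 SMTP -
2008-10-07 19:49:00 192.0.2.30 mail.example.org server 198.51.100.5 RCPT 250 0 37 34 0 SMTP -
2008-10-07 19:49:03 192.0.2.30 mail.example.org server 198.51.100.5 DATA 250 0 120 900 3000 SMTP -
2008-10-07 19:49:03 192.0.2.30 mail.example.org server 198.51.100.5 QUIT 240 0 60 4 0 SMTP -
"""

def verbs_by_host(log_text):
    """Count logged SMTP verbs per client host name."""
    per_host = defaultdict(Counter)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:  # header lines and anything unparseable are skipped
            per_host[m.group(4)][m.group(7)] += 1
    return per_host

def stalled_senders(log_text):
    """Hosts with TIMEOUT entries as (host, timeouts, rcpt, data), worst first."""
    rows = [(host, c["TIMEOUT"], c["RCPT"], c["DATA"])
            for host, c in verbs_by_host(log_text).items() if c["TIMEOUT"]]
    return sorted(rows, key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    for host, timeouts, rcpt, data in stalled_senders(SAMPLE_LOG):
        print(f"{host}: {timeouts} timeouts, {rcpt} RCPT accepted, {data} DATA completed")
```

A host with accepted recipients, no completed DATA and repeated timeouts matches the symptom in the sender's bounce: the conversation stalls while the message body is being sent.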
Nitin Gupta

Hi ObiLan.
I would trust my setup if I am not facing this problem from any other place. If the issue is only with this domain, then I would rather check with admin of the remote domain.
See, rather than changing your settings, verify from multiple external domains whether they are facing issues, if not, then it could be an issue with that particular domain itself and they got to look at their connectivity.
Thanks
Nitin

Are you using an SMTP proxy for the incoming traffic? If yes, maybe the proxy is causing some problem; if that is the case we can configure an incoming SMTP rule instead [normal packet filter]; we would leave the current service as configured and configure the SMTP service as below:
Enabled; from specific-domain-public-ip; to internal-ip-address-of-SMTP-server

Please check and update.

Thank you.
ObiLan

ASKER

It seems that now this problem is with several outside domains (max 5 I think). The server had McAfee Virusscan 8.5i installed but I uninstalled it. I tried to create another SMTP connector but connections hang there for the max time and time out also. I don't have a proxy rule in the firebox, only a port forward rule.

If there is only a port forward rule then at least the firewall is not playing the spoilsport; as you have now also uninstalled McAfee, this only points to some server setting which can cause the problem. I would not be able to assist you best with the server; maybe some other expert would be able to help you further with the server settings.

Thank you.
ObiLan

ASKER

OK, thanks anyway dpk_wal

I installed Wireshark and looked at what happens at the protocol level, and I get the following packets with trouble domains:

Response code: 451
Response parameter: Timeout waiting for client input

I think gupnit might be able to help here as he has already posted; check with the troubled domain admins if they can point out something.

Thank you.
ObiLan

ASKER

It seems that those trouble domain admins have decided mostly to ignore me. I know that at least one of them uses Symantec Mail Security, which probably causes problems.

So I made a workaround: I bought a relay service from a local ISP where they add their server as a secondary in the domain MX servers and it will just relay incoming messages to the Exchange server. This seems to work pretty well, though there is now an extra 10-20min (10min timeout) delay for mails from these trouble domains.

Hi,
Then you have got to look at your ISP and talk to them about SLAs; 10 min is a huge time lag.
I would rather suggest getting yourself unblocked from those domains. Can you elaborate on what all you have tried? It seems I lost track of your question and didn't get reminder mails.
Thanks
Nitin
ObiLan

ASKER

The original problem is that connections from some domains (~5 domains at the moment) to our Exchange server will open but they will time out without any clear reason. The timeout value is 10mins. We tried to drop the proxy from the firewall, adjust MTUs, adjust the timeout, but nothing seemed to help. If we put the timeout to 30mins, connections from trouble domains will be open for 30min and time out.

Our workaround was to put the ISP mail server as secondary MX for the domain so that after these trouble domains have timed out from our Exchange server, they will connect to the ISP server, which will relay these mails back to our Exchange server. This will cause lag for these trouble domains; the ISP server relays mails immediately.

Great, like I had said in the beginning, the remote domains could be an issue and the incoming working from the ISP confirms the same.
Still, we can use SMTPDiag to troubleshoot if there is any issue at your end.
Download and use: http://www.microsoft.com/downloads/details.aspx?familyid=bc1881c7-925d-4a29-bd42-71e8563c80a9&displaylang=en
Let me know the results
Thanks
Nitin
ObiLan

ASKER

Hi Nitin

Sorry for the delay, but all tests passed with Smtpdiag.

-Tomi
ASKER CERTIFIED SOLUTION
Nitin Gupta
This solution is only available to members.

One of our clients received this error message when trying to send an email with an attachment to us.  We are behind a Watchguard Firewall.  I had to go into the firewall and allow the ip addresses for the sender's mx record - Setup\Intrusion Prevention\Blocked Sites Exception.  The email was then able to be received.

-Roger