Exchange Telnet / POP3 -ERR Message # is too large

Hello all,

I am having a problem with pop3 mail retrieval of larger emails. Here is what is going on. I am using telnet to connect into my exchange server. I can connect into the server fine from both inside and outside my network.

If I am INSIDE my network and I telnet into my exchange server, I have no problems. I can connect, log in, LIST 1 which will show me the size and then I can  RETR 1the email messages fine.

However, if I am OUTSIDE my network I have problems. I can connect via TELNET / POP3 and log in fine. I can LIST 1 fine. However, when I attempt to RETR 1 an email, I get the following error:

“-ERR Message number 1 is too large”

I will only get this error if the email is larger than roughly 15 mb or so up to my global limit. I can RETR them fine inside my network, but I get the error outside my network. Smaller emails go through and RETR fine inside and outside.

Here are a few tidbits of information that may be important:

1. Inside exchange I have my “Sending Message Size” globally set to 30 MB. Receiving and Recipient limits set to “No Limit”

2. There are no server-based limitations set inside exchange that I see. We are using Global settings only.

3. This problem affects all exchange servers in my environment regardless of location.

4. All offices are using the same ISP

5. All offices are running the same Cisco Firewall / ASA configuration. However I see nothing that would be blocking POP of a specific size.

6. The email itself delivers outside my network fine via SMTP as long as it is below the 30mb global limit. However I need to be able to grab them via telnet / pop3 for Journaling. This is what fails on large emails.

My guess is that this is an Exchange setting I am missing. Otherwise it’s a Firewall issue or a limitation with my ISP.

Has anyone encountered this problem before? Is there a setting somewhere that I may be missing?

Thanks!
Sel-RahcAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Berkson WeinTech FreelancerCommented:
Shot in the dark here, but is there any antispam/antivirus package running either server side or client side that might be intercepting the pop3 session?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Sel-RahcAuthor Commented:
I wish it was that easy :-(. Sorry ment to add that I did try disabling my AV just to test. Its working in network so I didn't think that was the issue.
0
Berkson WeinTech FreelancerCommented:
Just because it works in network, doesn't mean it'll work out of network. There could be different rules for in-network ip's from out of network ones.  Most likely disabling it should fix it either way though, so lets move on...    Could you try from another machine outside of the network.  Maybe a linux box or something that definitely doesn't have any restrictions on it?  Again, doubtful that this will make a difference, but it's an easy test.
What version of exchange is this?
Do you have connectors / transports set up?  If so, might you somehow be connecting differently from inside vs. outside?
 
 
 
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Sel-RahcAuthor Commented:
Exchange version is 2003 with latest SPs.

I get the same result when trying to pull the email from telnet on other computers outside the network. If it is a smaller email it works fine but larger emails immediately error saying too large. I don't see anything that should change the connection rules but obviously something is.

It is not a connector that is used to pull the emails. They are pulling via POP3. The connection is used to pull emails from the Journaling mailbox, however I get the error even trying to pull emails from my mailbox that are large.

I have connectors in use for outbound SMTP, but this is not effected and I don't think its related to my problem.
0
Berkson WeinTech FreelancerCommented:
I agree with your analysis, especially the part about this being strange...  Sounds like a basic setup.
How large of a message are you talking about here?
 
0
Sel-RahcAuthor Commented:
Messages getting stopped range from 15mb to 25 or so. I have an outbound cap of 30mb on email. If the user sends a 20mb email, it will deliver fine, inside or outside the domain. I can RETR it via telnet fine insiden. Outside I get the error though. Smaller emails works outside via telnet.

This one is throwing me for a loop..... Im going to call MS again Monday if I can't get this figured out.

If this were a firewall or ISP issue... I wouldn't think I would get the error in telnet at all. The Exchange server is generating the error... so It must be something in exchange I am missing >.<; I'll toy with it more on Monday.
0
Berkson WeinTech FreelancerCommented:
Do you have the ability to take this machine into a test environment for a bit?  
I was thinking of putting it behind a simple consumer firewall (like a Linksys or something), set it up to mimic the current network. Then connect from the "outside" which is really just the other side of the linksys router.  That would eliminate any ISP or router issue if the problem still occurs.
 
0
Sel-RahcAuthor Commented:
Unfortunately, no. >.< Its one of my many live servers.

I get the same result when I try to pull email from other servers in the exchange network as well... at other locations. I have quite a few exchange servers in the network. They are all giving the same result when they encounter larger emails. This is probably a global exchange setting of some sort or a problem down the line from the servers....
0
Sel-RahcAuthor Commented:
What I may try tomorrow is to throw up a virtual server and see if I get the same result here at home... if I have time this weekend.
0
Berkson WeinTech FreelancerCommented:
Or if you have the ability to convert one of the live machines to an image that'll work too.  Good luck.  Let me know.
Can you get to the outside of the internal network without actually going through the ISP?  I'm talking about plugging in a pc just on the other side of the firewall and coming in that way.
0
Sel-RahcAuthor Commented:
I actually thought about that over the weekend. The ISP is out of the equasion. I get the same error outside my network connected to my external router. I am going to go ahead and open a MS case and see what they say. I'll post the results here.
0
Berkson WeinTech FreelancerCommented:
Another option is to setup ANOTHER router as a test.  Leave your existing router in place, just add a linksys or something then connect from the wan side of that and see if you have the same problem.  Just set the wan address to another subnet.
 
0
Sel-RahcAuthor Commented:
Well I discovered the problem and boy does it piss me off....

I tried taking a PC off the domain but on the network and everything worked so I started looking harder at the firewall.

It ended up being the firewall, but the block was caused by a bug in the Trend Micro card in my ASA.
There is a POP3 settings area you can turn on to enable pop3 filtering. I had this area DISABLED. However it seems that one setting will stick even if disabled.  The POP3 size restriction setting is in effect even if you disable the entire POP3 filtering section.

Trend and Cisco are now aware of the bug and will be processing the fix. In the mean time if you encounter this problem, you will want to enable the POP3 Filter and increase the filter size. Save the setting and then disable the filtering again.

Thanks to those that tried to help me fix this issue. Glad I got it resolved!
0
Berkson WeinTech FreelancerCommented:
The problem was what I had suggested, antivirus.
0
Sel-RahcAuthor Commented:
I'll accept the answer for this. The thing is that the AV was completely disabled and should have had no effect on the situation whatsoever. While it wasn't directly set there was a bug in the card's software that was blocking the telnet transactions. It took several calls to MS Cisco and Trend to fix the issue.
0
Sel-RahcAuthor Commented:
Thanks again for the help!
0
Berkson WeinTech FreelancerCommented:
Glad I could help in some form -
To others reading this thread with similar problems:
Try to simplify.  Insure AV is disabled, try a different router temporarily (like a junky linksys home router).
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.