SMTP Protocol Errors and dropped connections when sending emails with attachments

I am having trouble finding a solution for this problem.  We are running SBS 2003 with Exchange 2003sp2.  When outlook or webmail clients send emails with attachments over a size of about 20kb they sit in active/retry until the timeout is reached. The clients then receive an NDR. Emails with no attachments are delivered successfully. Emails with small (<20kb) attachments are delivered successfully.
The interent ip is not on any blacklist, reverse dns is correct, and I can send a basic message with no attachment using telnet commands.  I have tried adjusting MTU on NIC to match router as some have suggested but this has not worled.  SMTP logging does not give any indication why the connections are being dropped. I have tried different smart hosts with and without authentication to no avail.  I have temporarily lifted the allowed attachment size but this has made no difference.  
I have tested with smtp connector and without. Any ideas welcomed.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

What antivirus / email scan software are you using ?
dn_auAuthor Commented:
Trend Micro Worry-Free Business Security Advanced 6.0 sp2
Open Trendmicro

Go to Security Settings
Select your mail server
Click Configure
On the left tab select Attachment blocking
Uncheck - enable realtime attachment blocking.

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

dn_auAuthor Commented:
Thnaks sunnyc7, but i have already unchecked this option.
Can you restart Simple Mail Transfer Protocol service
and Trendmicro Mail security services.

dn_auAuthor Commented:
i have restarted all associated services multiple times now with no difference.  i have stopped all trend services and restarted them.  even when trend services were all stopped mail still would go back to retry queue.  I have also tried creating a new smtp virtual server and a new smtp connector with no luck. Thanks.
ok. thanks for the background info.

does it happen only for 20kB and above ?

can you verify one more thing

Open Exchange
Admin groups
Default SMTP Virtual Server > Right click properties.
Go to messages tab

See if there is a message size limit ?

Restart exchange services after editing values there and restart SMTP services.
dn_auAuthor Commented:
i have done some more testing on attachment sizes.  I was able to deliver an attachment of 355kb.  I am yet unsure of how large attachments can be before they are not delivered.  I know that an attachment of 4mb cannot be delivered and one of 7mb cannot be delivered.

There is no message size limit on smtp virtual server.  I will continue trying different size attachments until i have an exact answer.

Restarted all services with no change.
Open IE
tools > Windows Updates
On the left panel check Update History

See if any update got installed within last couple of days.

Instead of unlimited, can you set the limit to 20 MB and then restart the services.
See if that works with a 2 MB email attachment - mp3 / large JPG

What is the exact text of the NDR?

Also, when did this begin, and what changed just before it began?
(server, switch, firewall, isp, etc)
dn_auAuthor Commented:

The NDR the client receives is following;

Your message did not reach some or all of the intended recipients.

Subject: FW: test3
Sent: 19/08/2010 8:54 AM

The following recipient(s) could not be reached: on 19/08/2010 10:56 AM
  Could not deliver the message in the time limit specified. Please retry or contact your administrator.
  < #4.4.7>

Here is the event from the application log

Event Type:      Warning
Event Source:      MSExchangeTransport
Event Category:      Connection Manager
Event ID:      4007
Date:            19/08/2010
Time:            12:31:31 PM
User:            N/A
Computer:      SERVER
Message delivery to the host '' failed while delivering to the remote domain  '' for the following reason: An SMTP protocol error occurred.
 The SMTP verb which caused the error is 'DATA'.  The response from the remote server is '421 Message rejected> Ok
ns (SIZE=1301125) Ok

For more information, see Help and Support Center at
0000: d7 02 04 c0               ×..À    
Interesting line in the evet log:
"The response from the remote server is '421 Message rejected"

Few more thoughts...
Just to confirm, attachements can't be sent anywhere? (e.g. you've tested to hotmail/gmail).
Incoming is OK, attachments can be recieved?

Back to this again:
Also, when did this begin, and what changed just before it began?
(server, switch, firewall, isp, Patching/Updating of any software, etc)
dn_auAuthor Commented:
Thanks guys.

I setup an outlook client to send email directly through the provider's smtp address.  Mail will be delivered if it is under about 600kb but is rejected if over this size.  This is the same behaviour if we use a connector in exchange to route the mail through the same smtp address.  So it appears to be the provider's problem.   I have logged a call with their support and will hopefully hear back from them soon.  

I will post an update to confirm this was the cause of the problem. Thanks for your efforts!
Did you try setting a limit of 20 MB http:#33471444

and then restarting info. stores and then sending a 2 MB attachment ?

Are you routing mails through a smarthost ? Do they have a limit
dn_auAuthor Commented:
We have finally resolved the issue.  It was determined that the ADSL Modem router a Netgear DG834 v3 was the problem.  
Even after using an Outlook Express client the same issue occurred.  The client experienced no drop outs or any other issues with the modem

Once we replaced the modem with a D-Link DSL-2642B, the problem disappeared.  This modem must be more compatible with the Telstra Internet Direct connection the client uses.

I appreciate input from all parties.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.