Link to home
Start Free TrialLog in
Avatar of jcraver
jcraver

asked on

Outbound email blocked until we change public IP every hour

We are having extreme difficulties sending outbound email. Whoever solves this will be worth a ton. We have simple email hosted by Network Solutions - 3 email boxes. We use Outlook and IMAP for inbound and SMTP with Outgoing server authentication to send mail. We can use Ports 993 and 143 for IMAP and 2525 or 587 for Outbound email. port 465 SSL or TLS does not work. Ports 110 or 995 work for POP. The Internet provider was ATT - a 2 MB account with 2 static public IPs.
Long story:  After working fine for 2 years, about 2 months ago something happened and we could no longer send email. If we changed the public IP to the second one, then email would flow just fine for about an hour. When it works, we can successfully telnet to ports 2525, 587, 110, 993, 143 at netsol. Then after about an hour we have to change our firewall to use the second static IP, then change back after another hour, etc, over and over. When email quits flowing, the Internet stops also, so we cannot browse either until we change the static public IP.
1 week ago we changed Internet provider to Spectrum 25 Mb account with 5 usable static IPs. Same thing, except Internet always works and mail always flow in. But we have to cycle through to the next public IP every 30 minutes or hour to send email outbound. The available IPs seem to "clear" during that 30 minutes, even the most recently used IP.  I have called Network Solutions multiple times for hours and it is "not their problem" and they will not help troubleshoot. Similar help from both ISPs. They insist our Internet connections and activity are fine (and I guess they are right). I don't think we have malware generating excess traffic.
In addition. When we cannot telnet to netsol with 2525 or 587, we can still telnet to other SMTP servers, and we can also send our domain emails from Outlook at other locations, such as from Outlook on a PC at my house, or my laptop though my cell phone mobile hotspot.
Our firewall was a cheep Netgear Internet sharing WiFi router. Now I am using a SonicWall TZ200. I am not an expert in Packet Capture, but the packet capture log shows dropped IPV6 traffic – several every minute. Then When outbound email works, it shows the port 2525 traffic forwarded. When it is not working, I don’t think 2525 ever shows up in the packet capture log.
Any thoughts?
Avatar of Blue Street Tech
Blue Street Tech
Flag of United States of America image

Hi jcraver,

My first thought was it is something in the network maxing out its connections, e.g. switch, firewall, etc. But then you said you switched the firewall (and ISP) and the same is occurring...is this correct?

Have you configured Connection Limits for the Source or Destinations?

What is the commonality of these three devices - are they all on wireless or wired, etc.
What is your network topology? What are the network devices in play and where are they located? e.g. Cable Modem > SonicWALL > NETGEAR Switch > Wireless Access Point.
ASKER CERTIFIED SOLUTION
Avatar of Phillip Monk
Phillip Monk
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Can the ISP help with any kinds of reports? If yes, I would look at the type of bandwidth used as a percentage of total bandwidth used ... only saying this because I agree with Phillip's "The most interesting part to me is ..."
Avatar of jcraver
jcraver

ASKER

Great idea, I have thought about disconnecting each computer one at a time. But yes, I will try one computer at a time on a slow day.
I thought I made this clear, but there is a ton of info. On the original ISP we lost the entire Internet until we changed IPs. Now on the new provider. We only lose outbound email. - Completely different - it is not dropping the entire Internet connection. Also I have gone to mxtoolbox many times on this problem. No apparent blacklist IP or domain. Also each of the 3 workstations has WebRoot SecureAnywhere. (I really like WebRoot, have it on hundreds of workstations elsewhere).  Patches are up to date, I have run malwarebytes, no steady "chatter" on any switch ports.
Here is the topology, very simple: 3 wired workstations, I removed the wireless access point. 1 Windows 2008 R2 server standalone Workgroup, just for file storage. 1 SonicWall TZ200 connected to Spectrum Internet in Bridge mode. Also 1 Ricoh printer/scanner.
I can't wait to solve this, so I can know what is going on.
Thank you very much, I will try to use only 1 device at a time one day next week and see what happens!
Avatar of jcraver

ASKER

I though the ISP would be some help, but it's "not their problem". would only say they are not blocking anything. Would not help me troubleshoot at all, or offer any suggestions, They would not even suggest that I check out things locally.
Same thing, except Internet always works and mail always flow in.
I missed this! So this is narrowed to an outbound email only issue.

Are the computers on a domain or workgroup?

Are all three computers Outlook accounts configured the same? And what are they running now POP or IMAP?

I assume you are not filtering outbound traffic, correct?

What is the specific error message in Outlook when it fails?
Avatar of jcraver

ASKER

Not filtering anything outbound on the SonicWall. 3 Outlooks, 2 Outlook 2013 and 1 Outlook 2010. IMAP port 143 and SMTP port 2525.
Are the computers on a domain or workgroup?
 What is the specific error message in Outlook when it fails?
Closed due to inactivity
Where do you stand on this question jcraver? Please reply so we can help!
Closed due to inactivity