Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » SMTP Mail Resends
  •  
WetherMan

Messages: 2
Karma: 0
Send a private message to this user
Hello. I am using Kerio Winroute Firewall to protect a mail server. I am having a problem with duplicate emails sent from a few seperate mailers on the internet. The problem is stemming from Kerio's handling of the SMTP connection -- it allows mail servers to hang instead of giving them a 250 OK response. The following is what should happen:

$ telnet mail.mysite.org 25
Trying XXX.XXX.XXX.XXX...
Connected to mysite.org.
Escape character is '^]'.
220 *********************************************************************
helo mail.asdf.com
250 mail.mysite.org Hello mail.asdf.com [xxx.xxx.xxx.xxx], pleased to meet you.
mail from: asdf<_at_>asdf.com
250 2.1.0 <asdf<_at_>asdf.com>... Sender ok
rcpt to: mpeter<_at_>mysite.org
250 2.1.5 <user<_at_>mysite.org>... Recipient ok
data    
354 Enter mail, end with "." on a line by itself
asdf
.
250 2.6.0 9 bytes received in 00:00:05; Message accepted for delivery
^]
telnet> quit 
Connection closed.


So it works correctly when the firewall is turned off. But when its on, this is the behavior:

$ telnet mail.mysite.org 25
Trying xxx.xxx.xxx.xxx...
Connected to mail.mysite.org.
Escape character is '^]'.
220 *********************************************************************
helo mail.asdf.com
250 mail.mysite.org Hello mail.asdf.com [xxx.xxx.xxx.xxx], pleased to meet you.
mail from: asdf<_at_>asdf.com
250 2.1.0 <asdf<_at_>asdf.com>... Sender ok
rcpt to: user<_at_>mysite.org
250 2.1.5 <user<_at_>mysite.org>... Recipient ok
data
354 Enter mail, end with "." on a line by itself
asdf
.
250-Transmission in progress. Stay tuned
^]
telnet>


My mail server never tells the remote client that he's successfully gotten the email, and so it is resent.

Things I have done:

- selected the 'do not use antivirus' option
- used the integrated mcaffee engine, but disabled SMTP scanning

based on the following post:
http://forums.kerio.com/index.php?t=msg&goto=7917&S= 4a43170f42b270ed6cfb94ca32f140ad

Has anyone else experienced anything similar to my problem?

Thanks,

~ wm
  •  
Kerio_ktrumbull

Messages: 597
Karma: 2
Send a private message to this user
Quote:

220 ************************************************************ *********

That should not happen. If you are getting that, it usually indicates that you are behind some other firewall that is scanning SMTP traffic, such as a Cisco PIX firewall.

A normal SMTP greeting would look like:
server1 [/etc]# telnet mail.kerio.com 25
Trying 64.161.217.18...
Connected to 64-161-217-18.ded.pacbell.net.
Escape character is '^]'.
220 mail.kerio.com ESMTP ready
ehlo
250-mail.kerio.com
250-AUTH CRAM-MD5 PLAIN LOGIN DIGEST-MD5 NTLM
250-SIZE 31457280
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 HELP
quit
221 2.0.0 SMTP closing connection
Connection closed by foreign host.

server1 [/etc]# telnet mx1.mail.yahoo.com 25
Trying 4.79.181.14...
Connected to mta-v3.level3.mail.vip.mud.yahoo.com.
Escape character is '^]'.
220 mta190.mail.mud.yahoo.com ESMTP YSmtp service ready
ehlo
250-mta190.mail.mud.yahoo.com
250-8BITMIME
250-SIZE 31981568
250 PIPELINING
quit
221 mta190.mail.mud.yahoo.com
Connection closed by foreign host.

Kevin Trumbull
Kerio Technical Support Team Leader
http://support.kerio.com
  •  
westmclaren

Messages: 11
Karma: 0
Send a private message to this user
Same problem as mine...I tought the problem is the mail server...But when I try older version of Winroute, got no problem.

Outlook expres says it was sent and put your mail in sent items, but the reciepient didn't recieve any mail...

I'm only using the built-in traffic policy of KWF6.2.1.

_________________
--=[McLaren]=--
  •  
VirusXr866

Messages: 1

Karma: 0
Send a private message to this user
I got similar problems by myself. I was using kwf 5.1.5 on w2003s to protect a small network. Same machine has MDaemon installed. Everything worked fine for almost two years. But sudently after some bad power outage i got into folowing problem: SMTP server wont send emails greater than 8192 bytes. Its just seems that some packets just disapear somewhere inside TCP/IP stack (not seen by snifer), and eventualy connectiong gets timed out. With upgrade to 6.2.1 build 1454 situation remains the same - if SMTP inspector is turned on, then WR will usualy accept all the data from MDaemon, but then conn gets hung, because of WR being unable to actually send it to remote server. If inspector turned off - MDaemon sees just the right picture - 8192bytes ok, everything else disapears. If i turn off winroute everything works fine. Also, i got some strange problems with posting large portions of data through HTTP, for example sending email with attachements using some web-email server. I wonder if its related to something with windows RAS service and its configuration (just a guess, its disabled, but...).

p.s. sorry 4 my bad english.

P.S: Fixed my problem. It was some damn blackhole router. Decreased MTU to 1468 (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ Parameters\Interfaces\ <iface>), and thats all.

[Updated on: Sun, 20 August 2006 20:29]

Previous Topic: problems with ssl pages and wireless workstations
Next Topic: lost connection
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 24 02:56:41 CET 2017

Total time taken to generate the page: 0.00380 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.