To ESMTP or not?

Hi,

I have a couple of external domains that our mail server cannot connect with, and the GWIA log generates "420 TCP Read error".
Yet, these same external mail servers are able to successfully send emails to my users.
Besides this issue all other emails are going out OK.
When I perform a tracert I get a successful completion (it took just over a minute and my GWIA SMTP Timeout settings are at the default).

When I perform a telnet to these mail servers it connects and shows ESMTP in the response.
Can their server be set up NOT to accept SMTP, just ESMTP?

Are there any disadvantages to enabling ESMTP or should I be looking somewhere else?

As always, thanks for your responses!

Stan
Knowledge Partner

Re: To ESMTP or not?

In article <Demaximis.6vt20n@no-mx.forums.microfocus.com>, Demaximis
wrote:
> I have a couple of external domains that our mail server can not connect
> with and the gwia log generates "420 TCP Read error"
> Yet, these same external mail servers are able to successfully send
> emails to my users.
> Besides this issue all other emails are going out OK.


I would say there is some sort of networking problem between your GWIA and
those external domains. I would check
- your MTU settings as there may be a negotiation problem there
- make sure there aren't errors showing on the server's NIC
- check your router & firewall logs for any issues that might be clues.
What OS is GWIA running on? Fully patched and up to date? Perhaps an
updated NIC driver might help.

A packet capture of such a failed connection would tell us a whole pile
more.


> When I perform a telnet to these mail servers it connects and shows
> ESMTP in the response.
> Can their server be setup NOT to accept SMTP, just ESMTP?

That is a standard and is showing what it can go to. How it will interact
is all dependent on if the sending agent says HELO or EHLO as its first
greeting. You can only turn on or off ESMTP options, not the basics of it,
and straight SMTP is a native part of ESMTP.
http://www.samlogic.net/articles/smtp-commands-reference.htm
When you telnet to those 3, what response do they give when you EHLO them?
Do they either/both respond with something like
250-AUTH LOGIN PLAIN CRAM-MD5
250-STARTTLS

Always possible they are insisting on authentication or forcing TLS.



Andy of
http://KonecnyConsulting.ca in Toronto
Knowledge Partner
http://forums.novell.com/member.php/75037-konecnya
If you find a post helpful and are logged in the Web interface, please
show your appreciation by clicking on the star below. Thanks!

___
“i’ve sworn an oath of solitude til the blight is purged from these lands”
Andy of Konecny Consulting in Toronto
Knowledge Partner Profile
If you find a post helpful, click the Like button below. Thanks!
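
The EHLO check suggested in the reply above, as an added example that is not part of the original post: a shell function that reads the server side of a telnet session and reports whether EHLO was answered and whether STARTTLS and AUTH are advertised. The transcript, host names and the function name `smtp_summary` are constructed for illustration.

```shell
#!/bin/sh
# Added example. Constructed transcript of the server side of a telnet session
# (documentation host names, not taken from the thread).
SAMPLE_SESSION='220 mx.example.net ESMTP ready
250-mx.example.net Hello gwia.example.org
250-SIZE 52428800
250-AUTH LOGIN PLAIN CRAM-MD5
250-STARTTLS
250 HELP'

# Summarise server replies read from stdin:
#   banner_esmtp  the 220 greeting mentions ESMTP
#   ehlo          EHLO was answered with a 250 reply (extensions are listed after
#                 the first 250 line; "250-" continues, "250 " ends the reply)
#   starttls/auth is TLS offered, and which AUTH mechanisms are listed
smtp_summary() {
    tr -d '\r' | awk '
        /^220[- ]/ && toupper($0) ~ /ESMTP/ { banner = 1 }
        /^250[- ]/ {
            n++
            if (n == 1) next                 # first 250 line is the greeting
            sub(/^250[- ]/, "")
            k = toupper($1)
            if (k == "STARTTLS") tls = 1
            if (k == "AUTH") { $1 = ""; sub(/^ /, ""); auth = toupper($0) }
        }
        END {
            printf "banner_esmtp=%s ehlo=%s starttls=%s auth=%s\n",
                (banner ? "yes" : "no"), (n ? "yes" : "no"),
                (tls ? "yes" : "no"), (auth == "" ? "none" : auth)
        }'
}

printf '%s\n' "$SAMPLE_SESSION" | smtp_summary
```

A server that rejects EHLO produces `ehlo=no`, which is the case where the sending agent has to fall back to HELO.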
Micro Focus Expert

Re: To ESMTP or not?

Hi

420 TCP Read error


This is a communications issue. 99% of the time it's a misconfigured router/switch and it could be, as Andy pointed out, that MTU negotiation is the problem.

The best method would be to determine which device on the way between you and the recipient is incorrectly configured, and fix that.

Let us know how it goes.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
Micro Focus Expert

Re: To ESMTP or not?

Hi Stan,

In addition to what has been said above, you may find this TID of interest: https://www.novell.com/support/kb/doc.php?id=7007770

It could be a firewall configuration at the destination domain site.

Cheers,
Laura Buckley

Micro Focus Expert

Re: To ESMTP or not?

Hi Stan,

I've just had a chat to my "Team Cisco" and they recommend the following tests, assuming a Linux box!

First, determine the lowest MTU size between your GWIA and the recipient's system: tracepath -n x.x.x.x (destination IP address).
This will output the path and the last line will have something like this: Resume: pmtu 1500 - in this example it is telling me that the PMTU size is 1500.

Next, do a ping with the Do Not Fragment flag set: ping -M do -s 1462 x.x.x.x (destination IP address)

If the packet is too big you should get an ICMP response stating that the packet needs to be fragmented but the DF switch has been specified. If you don't get an ICMP response stating this then the recipient firewall is not configured to give the correct ICMP responses - that equals a problem.

Try this and let us know the outcome please.

Looking forward to hearing back from you 🙂

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
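
The two tests described in the post above, worked through as an added example that is not part of the original post: shell functions that pull the path MTU out of `tracepath` output, derive the matching `ping -M do -s` payload for IPv4, and classify what the DF ping reported. All sample output is constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. All sample output below is constructed, using documentation IPs.
SAMPLE_TRACEPATH=' 1?: [LOCALHOST]                pmtu 1500
 1:  192.0.2.1                       0.512ms
 2:  203.0.113.25                    9.844ms reached
     Resume: pmtu 1500 hops 2 back 2'

SAMPLE_PING_BLACKHOLE='PING 203.0.113.25 (203.0.113.25) 1472(1500) bytes of data.

--- 203.0.113.25 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2031ms'

SAMPLE_PING_FRAG='PING 203.0.113.25 (203.0.113.25) 1472(1500) bytes of data.
From 192.0.2.1 icmp_seq=1 Frag needed and DF set (mtu = 1400)

--- 203.0.113.25 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms'

# Path MTU from the final "Resume: pmtu N ..." line of tracepath output on stdin.
pmtu_from_tracepath() {
    awk '/Resume:/ { for (i = 1; i < NF; i++) if ($i == "pmtu") v = $(i + 1) }
         END { if (v == "") exit 1; print v }'
}

# Largest ICMP payload that fits the path over IPv4:
# path MTU minus the 20-byte IP header and the 8-byte ICMP header.
df_payload() {
    echo $(( $1 - 28 ))
}

# Classify the output of `ping -M do -s SIZE HOST` read from stdin.
#   fits        an echo reply came back, so the packet crossed the path unfragmented
#   frag-needed a router (or the local stack) reported the packet as too big
#   silent-drop no reply and no ICMP error
classify_df_ping() {
    awk '/Frag needed|[Mm]essage too long/ { r = "frag-needed" }
         / bytes from / && r == ""          { r = "fits" }
         /100% packet loss/ && r == ""      { r = "silent-drop" }
         END { print (r == "" ? "unknown" : r) }'
}

pmtu=$(printf '%s\n' "$SAMPLE_TRACEPATH" | pmtu_from_tracepath)
echo "pmtu=$pmtu payload=$(df_payload "$pmtu")"
printf '%s\n' "$SAMPLE_PING_BLACKHOLE" | classify_df_ping
printf '%s\n' "$SAMPLE_PING_FRAG" | classify_df_ping
```

A `silent-drop` result only points at missing ICMP responses if a small ping to the same host is answered, since many mail hosts drop echo requests altogether.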

Re: To ESMTP or not?

Thanks for the suggestions.

I have Wireshark on my mail server and captured data while sending to one of the troublesome domains.
Wireshark shows red lines on the communications between our mail server and one of these domains.
Our mail server is on an up-to-date-patched SuSE 11 SP3 server running GW 2014 (14.0.1 -118418), which is a VM, on a Citrix XenServer.

The bottom line is that we switched to cloud-based GWAVA and while incoming emails went through GWAVA, outgoing did not.
These domains would not accept the switch between the IP addresses.
We found this out after we called GWAVA support and had our outgoing email go through GWAVA.
Test emails to persons in these domains were successfully transferred.

Thanks so much for your helpful suggestions and this forum!

Stan
Micro Focus Expert

Re: To ESMTP or not?

Hi Stan,

Glad that you managed to solve your issue and thanks very much for reporting back to us.

Cheers,
Laura Buckley
