Open connections: (Juno & NetZero) blocking mai

Unanswered Question
Apr 30th, 2007
User Badges: (Juno, NetZero, routinely blocks email from our Ironport by ip address. The reason gives us for blocking our email is because of "open connections" left incomplete by our Ironport.

We use a filter to temporarily work around the problem to send email out another ip address for the domains that manages. We then patch our Ironport or make some setting change and tell we've corrected the problem and within 24 hours or so they start allowing email from the ip address they had blocked.

Has anyone else had a similar experience?

We send a million and a half emails a month to the typical variety of email providers (Hotmail, Yahoo, Google, AOL, Comcast...) and Untd is the only one to ever block email from our Ironport for any reason.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bvanzant_ironport Thu, 05/03/2007 - 15:08
User Badges:

How long are they saying the connections are held open for?

I'm nearly certain that a feature of AsyncOS is to leave the delivery connection open for 5 seconds after the mail finishes in an attempt to have a slight performance improvement if another message comes through for that same destination.

I would try convincing the adminstrators that their policy is a bit aggressive.

johnb_ironport Thu, 05/03/2007 - 15:46
User Badges:

Thanks bvanzant.

You said "a feature of AsyncOS is to leave the delivery connection open for 5 seconds after the mail finishes". I will look into whether there might be an option to close delivery connections more quickly per domain. Might you know whether this is possible?

I agree that is being unreasonable... we send a million and a half emails a month all over and never have this issue with any other ISP's. Our mail list managers want to tell our subscribers to change ISP's.

bvanzant_ironport Thu, 05/03/2007 - 16:00
User Badges:

As I was writing that response up I took a look through destination controls and the like and didn't see that option. I assume that's where it should be.

If one of the SEs here on the board doesn't know I'd fire through a request to IronPort support and see what they say. It's probably possible; there's little you can't configure on these machines.

johnb_ironport Fri, 05/04/2007 - 15:52
User Badges:

According to response from the support engineer:

"the 5 seconds timeout is not configurable. We keep the
connection for 5 seconds longer for optimization in case there is another mail going to that same destination."

I'll come back to this Monday and look at it fresh...

bvanzant_ironport Fri, 05/04/2007 - 16:05
User Badges:

I just looked through the code and the CSE is correct, it is not configurable.

ghoule_ironport Mon, 09/24/2007 - 17:28
User Badges:

United Online is notoriously stingy on their incoming mail policies. If you are sending any significant amount of mail to them, they will block you after only a handful of unknown users. You will remain blocked until you contact them. The best thing to do is to make sure you deliver to them very slowly with no connection caching.

Donald Nash Tue, 09/25/2007 - 15:17
User Badges:

The best thing to do is to make sure you deliver to them very slowly with no connection caching.

Why reward bad behavior? That just encourages more of it. When people complain to you that mail isn't reaching, you explain to them that it's's fault (don't just tell them, explain it as much as they are able to understand). Negative feedback from their own customers, especially if those customers leave because they can't reliably get the e-mail they're expecting, might convince to loosen up. And if it doesn't, well, then it doesn't. People who stay with knowing that they are unreliable have made a choice to do so.

Yes, I admit to being someone callous. I just don't like having to make otherwise-unnecessary allowances for other people's incompetence. If you're obeying the rules, not making a nuisance of yourself, not causing anyone problems, etc. (a very important set of preconditions), and then run into an artificial roadblock put up by someone who doesn't know what they're doing, then it should be their problem, not yours. They're the ones who aren't getting their mail, after all. And yes, I understand that the sender also has a stake in the matter. Sometimes you have to work around the problem from your end if the situation is important enough. But in general, if the receiver creates the problem then it should be up to the receiver to fix it.

In case it isn't obvious, I've run into this sort of problem before, albeit not with I've even gone so far as to recommend to our administration here that we ban all use of a certain large, free e-mail provider because we could not reliably get past their completely unreasonable spam defenses. It was aggravated by the fact that there was nothing I could do to change the behavior they didn't like (it was a tiny amount of spam leakage through our defenses, amounting to a few dozen spams out of hundreds of thousands of messages per day). What saved the day was that our student newspaper caught wind of the problem (I wish I knew how they found out), and called that large, free e-mail provider to inquire about why we were having trouble getting mail to them. The next thing I knew, the large, free e-mail provider was calling me on the phone to see about getting the problem fixed. Score one for a free press. But it left me with an extreme dislike of poorly run spam defenses.


This Discussion