01-04-2008 08:18 AM
Hi guys,
I have changed my SMTP relays from Postfix to IronPort C350. Now I have a problem with webapplications which are sending a lot of mails. In the logfile I found the following error message very often: exceeded allowable connection time. Has anybody an idea???
01-04-2008 09:52 AM
Hi,
are your webapplications passing a proxy? Some proxies have problems with the multiline SMTP server responses, causing the client never to reply (they will get a response like 220 ****************). This could cause the timeouts.
Hope this helps.
Raf
01-04-2008 10:40 AM
Hi,
are your webapplications passing a proxy? Some proxies have problems with the multiline SMTP server responses, causing the client never to reply (they will get a response like 220 ****************). This could cause the timeouts.
Hope this helps.
Raf
01-04-2008 01:34 PM
Fisherman - check the global settings of your appliance listeners via the listenerconfig->setup subcommand.
[]> setup
Enter the global limit for concurrent connections to be allowed across all
listeners.
[300]>
Enter the maximum number of message header lines. 0 indicates no limit.
[1000]>
1. Allow SenderBase to determine cache time (Recommended)
2. Don't cache SenderBase data.
3. Specify your own cache time.
[1]>
Enter the rate at which injection control counters are reset.
[1h]>
Enter the timeout for unsuccessful inbound connections.
[5m]>
Enter the maximum connection time for inbound connections.
[15m]>
I think you are hitting the 15m max inbound time setting.
I'd suggest you create a new HAT policy for these relay servers to connect via.
8)
01-04-2008 05:10 PM
Hmmm, it works for Postfix but not for IronPort, eh? Lack of a proxy notwithstanding, Poesjkin might be on the right track with the multiline server responses if your script isn't smart enough to handle them. However, I've never noticed an IronPort doing this except in response to EHLO (not that I make manual connections to my ESAs very often). But my first guess is that you've got a end-of-line problem. SMTP requires that all lines be terminated with CRLF. However, if your script is using the Unix EOL convention of just "\n" (that is, LF), and your ESA does not have the "clean up bare CR and LF" option turned on, then I'd expect exactly the symptom you're seeing. This is because the "
01-04-2008 05:33 PM
Hmmm, it works for Postfix but not for IronPort, eh? Lack of a proxy notwithstanding, Poesjkin might be on the right track with the multiline server responses if your script isn't smart enough to handle them. However, I've never noticed an IronPort doing this except in response to EHLO (not that I make manual connections to my ESAs very often). But my first guess is that you've got a end-of-line problem. SMTP requires that all lines be terminated with CRLF. However, if your script is using the Unix EOL convention of just "\n" (that is, LF), and your ESA does not have the "clean up bare CR and LF" option turned on, then I'd expect exactly the symptom you're seeing. This is because the ". " used to terminate the message isn't recognized if it is just " . " and this option isn't turned on. Use the listenerconfig -> edit -> setup -> cleansmtp command to check this setting.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide