| Problems sending mail through Kerio - advice on using another SMTP server on the LAN? [message #129232] |
Thu, 28 April 2016 00:57  |
dave2ic
Messages: 8
Registered: April 2016
|
|
|
|
We are running Kerio Connect on a Windows Server 2012 Essentials Server and been having problems for some time now with "4.4.2 Connection lost" timeouts sending email. This is not only using DNS - we have tried relaying through our ISP and even setup a free SendGrid account but experience similar problems with both.
We have logged a case with Kerio support and have even had them remotely looking at our server, but they have been upable to offer any help.
The problem in the main is with large-ish email attachment, and obviously a contributing factor here is we are on ADSL which has a slow upstream speed (around 800kbps). However, the old Exchange Server we previously used on the same connection has no problems. And while emails with attachments 10MB+ are a particular problem, often much smaller emails experience the same problems.
There are no problems with receiving email.
I'm at a point now of thinking I need to bypass Kerio's SMTP server and try an alternative SMTP server on the LAN for Kerio to relay through, and was just looking for some advice on doing this.
I'm inclined to think I should setup another SMTP server on another PC on the LAN - or could I install another SMTP server on the server and use a different port than port 25?
I see there are a number of free SMTP server options available for Windows. Does anyone have any recommendations for my purposes - just to act an outgoing relay server? Or should I just use the Windows SMTP service and set it up for relay?
Thanks for any advice.
|
|
|
|
|
|
| Re: Problems sending mail through Kerio - advice on using another SMTP server on the LAN? [message #129245 is a reply to message #129232] |
Thu, 28 April 2016 17:29  |
j.a.duke
Messages: 239
Registered: October 2006
|
|
|
|
It has been a while since I've used a connection with that slow an upstream speed, however, I don't think that Kerio is at fault. I've found the SMTP implementation to be solid and standards-compliant.
Could it be that the upstream DSL channel is having trouble? I've seen that occur and it isn't until there's a load put on that channel that things surface. Might be worth having that looked at, but do that after posting a snapshot of your debug log (as freakinvibe suggested) with the SMTP logging turned on.
As for why the Exchange server worked and Kerio doesn't, I'd suspect something "unique" in the Exchange SMTP implementation.
Post that info, we'll look at it and hopefully have some suggestions regarding how to fix the problem.
Cheers,
Jon
|
|
|
|
| Re: Problems sending mail through Kerio - advice on using another SMTP server on the LAN? [message #129253 is a reply to message #129245] |
Thu, 28 April 2016 21:39 |
dave2ic
Messages: 8
Registered: April 2016
|
|
|
|
One thing I forgot to mention is that often when we get these '4.4.2. Connection Lost' errors, the recipient actually still receives the email. But because Kerio thinks it hasn't been delivered, the email stays in the queue and can be delivered multiple times.
This is what happened when I did a test with the SMTP Client turned on in the Debug logs, as you advised.
The first email had a 9MB attachment and was delivered with no problems. Then I tried 15MB attachment, and while the message was delivered we got the '4.4.2. Connection Lost' error in the queue. This was the debug log (I've changed the email addresses):
29/Apr/2016 07:21:27][18400] {smtpc} Sending email to SMTP server aspmx.l.google.com, delivering mail from <Sender<_at_>SenderDomain.co.nz>
[29/Apr/2016 07:21:27][18400] {smtpc} Connecting to server aspmx.l.google.com (64.233.189.26:25) using local interface 0.0.0.0 ...
[29/Apr/2016 07:21:27][18400] {smtpc} Connected to SMTP server aspmx.l.google.com
[29/Apr/2016 07:21:28][18400] {smtpc} Received greeting: 220 mx.google.com ESMTP ua9si17474453pab.25 - gsmtp
[29/Apr/2016 07:21:28][18400] {smtpc} Sending EHLO
[29/Apr/2016 07:21:28][18400] {smtpc} Switching connection to TLS
[29/Apr/2016 07:21:29][18400] {smtpc} Sending EHLO
[29/Apr/2016 07:21:29][18400] {smtpc} Sent MAIL command
[29/Apr/2016 07:21:29][18400] {smtpc} Got reply: 250 2.1.0 OK ua9si17474453pab.25 - gsmtp
[29/Apr/2016 07:21:29][18400] {smtpc} Sent RCPT TO: <Recipient<_at_>RecipientDomain.co.nz>
[29/Apr/2016 07:21:30][18400] {smtpc} Got reply: 250 2.1.5 OK ua9si17474453pab.25 - gsmtp
[29/Apr/2016 07:21:30][18400] {smtpc} Sent DATA command
[29/Apr/2016 07:21:30][18400] {smtpc} Got reply: 354 Go ahead ua9si17474453pab.25 - gsmtp
[29/Apr/2016 07:21:30][18400] {smtpc} Sending message body...
[29/Apr/2016 07:23:34][18400] {smtpc} SMTP connection closed while reading SMTP reply
[29/Apr/2016 07:23:34][18400] {smtpc} Connection lost with server aspmx.l.google.com: Connection lost
[29/Apr/2016 07:23:34][18400] {smtpc} Delivery to other mx servers was skipped.
|
|
|
|
| Re: Problems sending mail through Kerio - advice on using another SMTP server on the LAN? [message #129256 is a reply to message #129232] |
Thu, 28 April 2016 22:25 |
dave2ic
Messages: 8
Registered: April 2016
|
|
|
|
A further note: As I said in my previous post, often we get these '4.4.2 Connection Lost' errors even though the email has been delivered.
We had a 16MB email sent last night that recipients have received many times (one reported 9 times). I've had to reduce amount of retries, but when we get these '4.4.2 Connection Lost' errors the recipient may have in fact received the email - but we have no way of knowing. This seems bizarre!
|
|
|
|
|
|
|
|
|
|
|
|
| Re: Problems sending mail through Kerio - advice on using another SMTP server on the LAN? [message #129266 is a reply to message #129261] |
Thu, 28 April 2016 23:30 |
dave2ic
Messages: 8
Registered: April 2016
|
|
|
|
freakinvibe wrote on Thu, 28 April 2016 23:01It seems like something cuts the connection after 2 minutes. Is there any firewall, proxy etc. between your KC server and the Internet?
If you have Fortinet or Cisco, try to switch off "SMTP Inspection". This can cause issue like this.
The connection cutting after 2 minutes sounds about right. At the ADSL upload speed, 2 minutes would be enough to send about 10-12MB, which is about what we get before getting these timeout errors.
There is no firewall/proxy - the gateway for the server is the ADSL modem, which has nothing blocked outgoing. We even changed the modem from a TP-Link to a Zyxel recently and it has made no difference.
|
|
|
|
|
|
|
|
| Re: Problems sending mail through Kerio - advice on using another SMTP server on the LAN? [message #129271 is a reply to message #129270] |
Fri, 29 April 2016 00:55 |
dave2ic
Messages: 8
Registered: April 2016
|
|
|
|
Thanks very much to everyone for your feedback - the pushes in the direction of the antivirus being the cause has resulted in me resolving the issue. It wasn't as simple as I would have thought, though.
Turning off the antivirus didn't help, so I tried disabling all Trend Micro services that were running:
Trend Micro Common Client Solution Framework
Trend Micro Security Agent Listener
Trend Micro Security Agent Realtime Scan
Trend Micro Security Server Master Service
After this I went through each service individually and found that it was the 'Trend Micro Security Agent Listener' that was causing the problem. If I have this disabled and all the other services enabled email seems to work fine. (Of course I still have my exclusion for the MailServer\Store\Queue\ folder).
I guess I'll have to check with Trend Micro the implications of leaving this service disabled, but at the moment I'm just delighted to have everything working.
Thanks again for everyone's help.
[Updated on: Fri, 29 April 2016 00:56] Report message to a moderator |
|
|
|
|
|
| Re: Problems sending mail through Kerio - advice on using another SMTP server on the LAN? [message #129757 is a reply to message #129274] |
Wed, 18 May 2016 06:52 |
dave2ic
Messages: 8
Registered: April 2016
|
|
|
|
freakinvibe wrote on Fri, 29 April 2016 09:49I am glad to hear that you found a solution.
If Trend Micro gets back to you with an explanation, please post it here to help others with the same issue.
In corresponding with Trend Micro over the issue I found that disabling the Trend Micro Security Agent Listener service is not a good idea. To quote them:
Quote:Trend Micro Agent Listenter is the service who checks communication between the agent and the server. If you turn off the agent listener service, agents will not be able to get updates from the server.
They recommended re-enabling the service and try turning off URL Filtering or Web Reputation on the Security Server to see if that helped.
What I found is disabling both BOTH the 'Web Reputation - In Office' AND 'URL Filtering' features is required to avoid getting the SMTP connection problems in Kerio.
As the server is not used for browsing, this is satisfactory solution. Trend Micro did offer some further troubleshooting advice, but I haven't had the need to take it any further:
Quote:Another thing we can try is to IP whitelist the IP address of the machine then whitelist the executable file for Kerio. Please refer to the link below:
http://esupport.trendmicro.com/solution/en-US/1101683.aspx
I hope this helps anyone else who may come across this problem.
|
|
|
|
Members
Search
Help
Register
Login
Home
