Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Processes not releasing connection to the email server

Status
Not open for further replies.
TarsierSpectral

TarsierSpectral

IS-IT--Management
Oct 21, 2003
270
US
Hi, we've been having an issue with our work's email. The email is hosted by a university and since about mid-last week we cannot send any emails from around 3:50pm to about 4:55pm. The email client says that the message cannot be sent because there are too many connections opened.
What I was told, was that the problem is on my side because someone/something is opening connecttion to the email server and is not releasing it. Also, they said that the way my firewall is setup, they cannot see which machines are opening these connections.
Does that sound right? I mean I don't know how the email servers work so I can't say if they are making this up or what. Can anyone tell me. Also perhaps I could change my firewall settings so you can see each machine's IP address. Right now, I have it set up to NAT enabled and all machines have the same IP from the outside our network. I don't want to reset anything as it has been working fine all this time, but I if I have to for the testing purposes then I will

Thank you
 
Sort by date Sort by votes
It could well be that, because you are using NAT, their server is seeing too many simultaneous connections from a single host (because they are all sharing the same IP address) and they don't allow any new connections.

It would be strange for someone to open an SMTP port connection and not drop it within seconds. Maybe minutes if the file is big and the connection slow.

What type of firewall are you using?

You could consider setting up a relay server at your end, so that all outbound mail is sent to a local server, which forwards all of its outbound mail to the University server.


pansophic
 
Upvote 0 Downvote
well, so far I determined that the moment I disconnect each machine from the network and reconnect them email works fine again. I must be terminating whatever is causing a problem. Next monday I am intending on disconnecting each computer one by one to see which one it is. There must be something on that comuter that is doing that.
 
Upvote 0 Downvote
That actually sounds as if one or more of the machines is holding its connection open, even after it has finished transmitting.

Does your firewall allow you to view its active connections? If so, you can identify the connections that are currently open and identify the troublesome machine without a lot of work on your part.

When you find the offending machine, it would be interesting to see where it is hanging. Ethereal should let you watch the connections and see if it ever attempts to send the FIN, FIN/ACK to terminate the connections.

Also, netstat will let you see the current state of connections. If you have a lot of connections to port 25 or SMTP that are in the ESTABLISHED state, then that is your machine. Probably a little more scientific than just powering the computer down.


pansophic
 
Upvote 0 Downvote
unfortunately I do not have an ability to check active connections on the firewall. Or maybe I should put it this way. I don't know how to check it. I use Sonicwall Soho 3. I don't think it is that sophisticated.
 
Upvote 0 Downvote
I took a quick spin through the manual. It appears that they have left the active connections display off of their list of features. Too bad, it is an easy thing to do and something that many free linux firewalls support.

There is a packet trace function, which may be difficult to read (it is unclear in the manual exactly how things are logged). In theory you could put in the IP address of the mail server and log all of the connections that are made to it. It looks like a standard PCAP output, so it shouldn't be too hard to run through manually, provided you don't send hundreds of emails each day.

There is also a "TCP Connection Inactivity Timeout" parameter that can be set. Perhaps if you shorten yours, it will automatically disconnect these sessions, but it looks as if the default is 5 minutes, and you are experiencing outages longer than that. And you run into potential problems with the shortened timeout. Someone could be running a legitimate process that stays idle longer than 5 minutes.


pansophic
 
Upvote 0 Downvote
thanks a lot for your help.
I guess I'll have to do this the hard way. That's ok I only have about 20 computers
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zebad
  • Locked
  • Question
TFTP interference from another host (Windows Server , VxWorks Client)
Replies
0
Views
664
Zebad
Zebad
sologeek
  • Locked
  • Question
VPN server help
Replies
0
Views
592
sologeek
sologeek
Vedant Gonnade
  • Locked
  • Question
How to send a string (generated by camera) to computer
Replies
0
Views
584
Vedant Gonnade
Vedant Gonnade
SirBlack
  • Locked
  • Question
Internet connection problem
Replies
5
Views
173
kjv1611
kjv1611
TheFaz_
  • Locked
  • Question
Sending udp packets from fpga to the computer using Lwip tcp/ip stack using C programming
Replies
0
Views
569
TheFaz_
TheFaz_

Part and Inventory Search

Sponsor

Back
Top