[TriLUG] location-specific SMTP problem

matt at noway2.thruhere.net matt at noway2.thruhere.net
Mon Jul 21 14:49:42 EDT 2014 

My initial thought is that the ISP is blocking email traffic except to
known white listed servers.  Running traceroute, along with NMAP and
possibly trying to establish some telnet sessions should answer this.

Mentioning the apple products and TLS jumped out at me.  I know from
experience, e.g. an IPAD Apple doesn't follow the standards for TLS and
port 25 and instead prefers to use the submission port or SSL.  I had a
lot of trouble getting the IPAD to work with Postfix - Dovecot based email
server.

I would also recommend doing some DNS tests, such as running NSLookup and
trying to retrieve the MX records.  Make sure that this isn't causing
problems.  Speaking of DNS, make sure you don't have a dud resolution
occurring (e.g. poisoned cache or simple error).

The fact that it seems to be provider specific really suggests to me that
something is being filtered.

If you can coordinate have him try to connect and see if anything shows up
on the server logs at the same time.  Ultimately, this is how I came to
identify the issue with Apple products and email protocols.


> One of my co-workers has problems connecting to our SMTP server from
> his house. The same Mac laptop works fine at work and most other
> locations.
>
> At home he's on UVerse with an Apple router. If he turns on the hotspot
> on his Verizon phone, he can connect and send mail. Turn it back off and
> go through AT&T - fail.  Our office is on TWC BC -- no problems.
>
> He can connect to other SMTP servers (GMail) without a problem. He also
> reports that at certain WiFi spots, he encounters the same problem. He
> does not know if those spots use AT&T or an Apple router. I've asked him
> to run a traceroute next time he is on a Wifi spot that fails - to
> determine if the spot is running through the AT&T network.
>
> I connect on port 25 using STARTTLS using Thunderbird, also via AT&T
> Uverse
> and have no problems.
>
> This seems to narrow down the problem to a combination of our server
> and either AT&T Uverse or Apple routers.
>
> Our server is running dovecot 2.0.9 on Linux 2.6.32-431.17.1.el6.x86_64
> (RHEL, I think).
>
>
> I've surpassed the extent of my knowledge and it's looking like a
> long deep hole of troubleshooting ahead  :(
>
> Any ideas where I should start looking?
>
> I'm thinking I'm going to need to capture the network traffic on his box
> during an authentication session and dig into the specific messages sent/
> received. But I don't really know what I'll be looking for.
>
> TIA!
> Chris
>
> --
> ------------------------------------------------------------------------ -
> Chris Merrill                           |  Web Performance, Inc.
> chris at webperformance.com                |  http://webperformance.com
> 919-433-1762                            |  919-845-7601
>
> Web Performance: Website Load Testing Software & Services
> ------------------------------------------------------------------------ -
> --
> This message was sent to: Matt Flyer <matt at noway2.thruhere.net>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	:
> http://www.trilug.org/mailman/options/trilug/matt%40noway2.thruhere.net
> Welcome to TriLUG: http://trilug.org/welcome
>

More information about the TriLUG mailing list