1
AOL Email Users can not send email to Smartermail. Get error 4.4.2 connection dropped.
Problem reported by Wayne Howe - June 17, 2015 at 8:15 AM
Resolved
About 10 days ago AOL users sending email to our clients on our SmarterMail Server v11 began getting non-deliverable notices with error 4.4.2.  See error message:
--------------------------
Action: failed
Status: 4.4.2
Diagnostic-Code: X-Outbound-Mail-Relay; lost connection with
    mail.lobstertrap.com[66.151.230.30] while receiving the initial server
    greeting
-------------------------------------------------------
I have run tests from third party web sites such as mxtoolbox, TLS Receiver, pingdom, network-tools and others and no problems are reported.  The mail server is also not being reported on any black lists. Of course our clients are angry because these AOL users are customers trying to email them orders and they are not being delivered.  As far we can tell, no other senders are having trouble, with the exception of some intermittent reports from hotmail users getting delivery errors. 
 
The only changes we have done recently were to update our certificates and enable TLS across all domains.  But that was a month ago. 
 
I have opened three support tickets with AOL but so far no replies.
 
Has anyone had experience with this error code 4.4.2, AOL non delivery to Smartermail or timing out?
 
Help, please

13 Replies

Reply to Thread
0
Bruce Barnes Replied
June 17, 2015 at 7:22 PM
We have several clients with personal AOL addresses which they have been using for more than 15 years, and many of them are beginning to complain about AOL's degeneration into a worthless company.
 
We are now telling our customers that we can no longer guarantee delivery to any AOL hosted account.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Bruce Barnes Replied
June 18, 2015 at 9:25 AM
I wish I could +1 Joe's comment because it pretty much sums up AOL's service attitude.
 
Having said that, there is no reason that SmarterMail should specifically address any AOL interconnection or interaction issues with their products.  There are established protocols for every internet interaction and connection, and AOL must follow them, like everyone else, if they expect to continue to deliver e-mail.
 
So, my only remaining question is how are you connected to the Internet?  Speed?  Service reliability, etc.
 
I ask because a very large library, in a major east coast city, was having issues similar to your a couple of years back and I worked to help them resolve the problem.
 
The issue turned out to be a bad CORE ROUTER in their provider's network, which was literally dropping connections in mid-stream when the MTU exceeded 1492.  While an MTU of 1492 used to be the "standard" in e-mail connections, at one point Comcast figured out that by pushing the MTU up to 1500, once the connection between two MX servers was established, they could gain something like 250,000 internet minutes of connectivity per day because of the volume of e-mail traffic they are pushing.

I am not stating that is the same issue which is causing your problem, but it certainly sounds like this is either an issue with your hardware or the route that the e-mail data is taking between you and AOL.
 
Since you have not stated that this happens with other MX providers, only with AOL, then it sounds like an issue with the route that the e-mail traffic is taking between you and AOL.
 
This will be VERY hard to diagnose and troubleshoot.  You can start with a traffic monitor and have it capture all traffic, to and from, AOL - down to the packet level, and see what's going on.  Remember, that is going to give you access to the actual data contained in the messages, so be very careful with that data and who you share it with because some of it could contain confidential information.
 
You can also look at the IP addresses which are used in the AOL traffic and do TRACERTs to those addresses, checking to see if the traffic fails at one or more points along the route.
 
Finally, you can use an MTU tester to test traffic TO the AOL IP addresses.   Here's a listing of some of the MTU testing tools which are available, both online, and for download:

https://www.google.com/search?q=mtu+test+tool&ie=utf-8&oe=utf-8
 
Here's a good explanation of MTU and why it can cause problems:

http://packetlife.net/blog/2008/aug/18/path-mtu-discovery/
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
3
Joe Wolf Replied
June 18, 2015 at 3:18 PM
I connected to your mail server via Telnet and see the problem.  AOL email requires 8BITMIME and your server is not giving a 220-8BITMIME response to an ehlo.  
 
You say you're running SM 11 but I bet you're not running the latest version.  I know in the SM 10 - 12 era there were some MIME issues.  Make sure your're running SM 11.7.5318 (the latest in the SM 11 releases).  
 
-Joe
 
Thanks,
-Joe
0
Bruce Barnes Replied
June 19, 2015 at 7:01 AM
You can upgrade to the latest version of any owned product without paying for major upgrades.
 
Given the very significant advances which have been made in SmarterMail 14.X, however, an upgrade is strongly suggested.
 
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Wayne Howe Replied
June 19, 2015 at 1:21 PM
Thank you for your time and help.
 
I upgrade to v11.7 and tested.  No AOL delivery.  We can send to AOL.  Still not receiving.
 
I conducted tracerts to several aol outbound mx servers and none completed.  Closest I came was to a core aol server on a  subnet different from the mx server. Not sure if that means anything.
 
I was trying to trace to mtaomg-mbe02.mx.aol.com
 
 
 
0
Joe Wolf Replied
June 19, 2015 at 1:55 PM
I don't know what to offer at this point.  I know that AOL wants to see a "250-8BITMIME" in the ehlo response.  Here's what your server responds:
 
220 mail.lobstertrap.com
ehlo testing
250-mail.lobstertrap.com Hello [70.redacted]
250-SIZE 83886080
250-AUTH LOGIN CRAM-MD5
250-STARTTLS
250-VRFY
250 OK
 
When I do the same with SmarterTools (or my own) here's what I get:
 
220 mail.smartertools.com
ehlo testing
250-mail.smartertools.com Hello [70.redacted]
250-SIZE
250-AUTH LOGIN CRAM-MD5
250-STARTTLS
250-8BITMIME
250 OK
 
When I connect to one of my EXIM SMTP servers I get the following:
 
220 redacted ESMTP Exim 4.85 Fri, 19 Jun 2015 15:42:25 -0500
ehlo testing
250-redacted [70.redacted]
250-SIZE 20971520
250-8BITMIME
250-PIPELINING
250-AUTH LOGIN CRAM-MD5
250-STARTTLS
250 HELP
 
I could post many other examples, but the bottom line is that AOL want's to see a 250-8BITMIME response code to their ehlo (at least that's why my fried that used to work at AOL says).  I don't know of another SM 11 machine to test, but every server I tested (and didn't post here) all give the proper response.  Your server doesn't.  I don't know why.
 
ON EDIT:  I decided to check your IP Address reputation with AOL.  It comes back with "Undisclosed" which is usually bad.  You can check it here: https://postmaster.aol.com/Reputation.php
 
I'd suggest you open a ticket at AOL Postmaster tools: https://postmaster.aol.com/SupportRequest.php
 
-Joe
 
 
Thanks,
-Joe
0
Wayne Howe Replied
June 23, 2015 at 9:40 AM
Dear Joe and Bruce:
 
I ran this test from network-tools and I have never seen this response before from our SmarterMail Server.  We use greylisting, but it appears the connection is unable to verify a valid email address.  What do you think?
---------------------------------------------------------------------------------------
 
Validation results

error: Could not verify recipient

canonical address: <nwagner@lobstertrap.com>

MX records
preference exchange IP address (if included)
 
10  mail.lobstertrap.com [66.151.230.30]

SMTP session

[Contacting mail.lobstertrap.com [66.151.230.30]...]
[Connected]
220 mail.lobstertrap.com
EHLO test.network-tools.com
250-mail.lobstertrap.com Hello [67.222.132.211]
250-SIZE 83886080
250-AUTH LOGIN CRAM-MD5
250-STARTTLS
250-VRFY
250 OK
VRFY nwagner
553 User ambiguous
RSET
551 <nwagner> not a valid mailbox address
EXPN nwagner
250 OK
RSET
252 Cannot EXPN list
MAIL FROM:<admin@Network-Tools.com>
250 OK
RCPT TO:<nwagner@lobstertrap.com>
503 Bad sequence of commands
[Unfavorable reply code, cannot continue]
RSET
250 OK
QUIT
221 Service closing transmission channel
[Connection closed]
 
0
Bruce Barnes Replied
June 23, 2015 at 9:53 AM
Just ran the same test and did not get the same results. 
 
First test hit greylisting, which is normal.  Waited a minute and tried again.
 
[Contacting securemail.chicagonettech.com [173.165.112.155]...]
[Connected]
220 securemail.chicagonettech.com Tue, 23 Jun 2015 16:49:11 +0000 UTC | SmarterMail Enterprise 14.0.5647.22241
EHLO test.network-tools.com
250-securemail.chicagonettech.com Hello [67.222.132.211]
250-SIZE 52428800
250-AUTH CRAM-MD5
250-STARTTLS
250-8BITMIME
250 OK
VRFY bbarnes
252 Cannot VRFY user, but will accept message and attempt delivery
RSET
250 OK
EXPN bbarnes
252 Cannot EXPN list
RSET
250 OK
MAIL FROM:<admin@Network-Tools.com>
250 OK <admin@network-tools.com> Sender ok
RCPT TO:<bbarnes@chicagonettech.com>
250 OK <bbarnes@chicagonettech.com> Recipient ok
RSET
250 OK
QUIT
221 Service closing transmission channel
[Connection closed]
Note that the VRFY and EXPN command are deliberately blocked by SmarterMail - they are not an error.
 
It looks like something may not have installed properly when you installed, or upgraded, SmarterMail, so I would start by uninstalling your SmarterMail, rebooting (to unlock any locked files), and reinstalling SmarterMail.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Wayne Howe Replied
June 23, 2015 at 10:35 AM
This was in the Event Log > System:
-----------------------
Event Type:    Information
Event Source:    W3SVC
Event Category:    None
Event ID:    1074
Date:        6/23/2015
Time:        10:19:47 AM
User:        N/A
Computer:    COMMERCE
Description:
A worker process with process id of '4012' serving application pool 'SmarterMail' has requested a recycle because the worker process reached its allowed processing time limit.  
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
 
---------------------------- Events > Applications -----------------------------------------------
Event Type:    Warning
Event Source:    ASP.NET 4.0.30319.0
Event Category:    Web Event 
Event ID:    1309
Date:        6/23/2015
Time:        8:49:36 AM
User:        N/A
Computer:    COMMERCE
Description:
Event code: 3005 
Event message: An unhandled exception has occurred. 
Event time: 6/23/2015 8:49:36 AM 
Event time (UTC): 6/23/2015 12:49:36 PM 
Event ID: 237611afbe8c4c0e88b47e586c5a9133 
Event sequence: 27 
Event occurrence: 16 
Event detail code: 0 
 
Application information: 
    Application domain: /LM/W3SVC/892963906/Root-1-130794382600312500 
    Trust level: Full 
    Application Virtual Path: / 
    Application Path: C:\Program Files\SmarterTools\SmarterMail\MRS\ 
    Machine name: COMMERCE 
 
Process information: 
    Process ID: 4012 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 
 
Exception information: 
    Exception type: HttpException 
    Exception message: A potentially dangerous Request.Path value was detected from the client (:).
   at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
 
Request information: 
    Request URL: http://mail.lobstertrap.com/Main/javascript:& 
    Request path: /Main/javascript:& 
    User host address: 67.142.161.19 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
 
Thread information: 
    Thread ID: 16 
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
    Is impersonating: False 
    Stack trace:    at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
 
Custom event details: 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
 
------------------------------------------------------------
Event Type:    Warning
Event Source:    ASP.NET 4.0.30319.0
Event Category:    Web Event 
Event ID:    1309
Date:        6/23/2015
Time:        8:40:16 AM
User:        N/A
Computer:    COMMERCE
Description:
Event code: 3005 
Event message: An unhandled exception has occurred. 
Event time: 6/23/2015 8:40:16 AM 
Event time (UTC): 6/23/2015 12:40:16 PM 
Event ID: e4b47791fe66462d871a6456329d1f8b 
Event sequence: 26 
Event occurrence: 15 
Event detail code: 0 
 
Application information: 
    Application domain: /LM/W3SVC/892963906/Root-1-130794382600312500 
    Trust level: Full 
    Application Virtual Path: / 
    Application Path: C:\Program Files\SmarterTools\SmarterMail\MRS\ 
    Machine name: COMMERCE 
 
Process information: 
    Process ID: 4012 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 
 
Exception information: 
    Exception type: HttpException 
    Exception message: A potentially dangerous Request.Path value was detected from the client (:).
   at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
 
Request information: 
    Request URL: http://mail.lobstertrap.com/Main/javascript:& 
    Request path: /Main/javascript:& 
    User host address: 67.142.161.19 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
 
Thread information: 
    Thread ID: 20 
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
    Is impersonating: False 
    Stack trace:    at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
 
Custom event details: 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
Wayne Howe Replied
June 23, 2015 at 11:51 AM
Hello Bruce,
 
I suspect you are right that something is configured wrong.  Now we are getting complaints that hotmail.com users are not able to send messages to our mail server. Hotmail users are sending email and they are bouncing back as not deliverable. So now we have both AOL and Hotmail failing.  It's frustrating as we get a hundred junk mails every five minutes, and they all come through fine.
 
 
0
Bruce Barnes Replied
June 23, 2015 at 12:36 PM
I would suggest you open a ticket with SmarterTools.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
2
Rod Lasky Replied
June 25, 2015 at 2:12 PM
Employee Post
Wayne is now currently receiving mail from AOL.com.  8BITMIME was added in SmarterMail 12.4.  
We upgraded his SmarterMail 11, then removed an inadvertently blacklisted AOL IP address, and mail from AOL was successfully received.  If you're experiencing this issue, please make sure you're running at a minimum SmarterMail 12.4. 
Rod Lasky
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
1
Wayne Howe Replied
June 26, 2015 at 6:20 AM
Rod Lasky is my hero.  We upgraded to 12.5 which gave us the correct 8MIME.  But he also discovered that a IP range we had blacklisted for spewing spam contained part of the AOL subnet.  Even though it was not the exact AOL mx subnet, it was still contributing to the time out.  We deleted the blacklist entry and AOL began flowing. Have to wait and see if receiving Hotmail was solved as well.   One thing of note, AOL is in complete disarray. There is no postmaster response for troubleshooting, the people who answer the support number were there to help users set up and knew nothing else.  AOL is truly an automated black hole.

Reply to Thread