3
mails being left in the spool queues, never being sent, or retried. sm service restart delivers mails.
Problem reported by Keith Dovale - 2/18/2021 at 10:33 AM
Submitted
We are experiencing issue where we upgraded from sm57.7 to smartermail 100 latest version, mails generally get delivered, but randomly mails are left in the spool, with no delivery count, they never get retried, despite trying to force them, reset their delivery count which is 0, and the only way to get them delivered is to restart the smartermail service. In the log files the session stop at tls connection being issued, and there it stops, we have checked and tested our servers with the naartac software, and everything is 100% ok, when we test the websites, etc, when we test the sm server there seems to be some issue with using all the cipers or something, despite them being available.

We are also seeing reverse dns failing where an ipv4 remote mail server connects, and spamassassin, and declude test the reverse dns 100% ok but sm fails the reversedns. it seems the reason is it is reverse dnsing an ipv6 address which we don't use on our servers, not is the remote server using ipv6.  This is also sitting with SMs dev department.

We have opened 2 tickets re these issues more than a month ago, and we are getting no where in resolving these issues. I am actually losing clients because of this, as a last attempt i am trying to see if anyone else is experiencing these issues. 

We ran all our mail servers until last year november on sm15 one version before 15.7, and since we upgraded the servers are having endless shit since. We have tested this on creating a brand new server 2016 server and loading sm100 on it, same issues are being seen. I an seriously considering that Smartertools refund my money and I will look at alternative mail server software. I cant believe these tickets take over 30 days to be solved.

7 Replies

Reply to Thread
0
Sébastien Riccio Replied
Hello,

Can you check in the spool the status for the recipients for the messages being stuck in the spool, from this menu ?

It should display the delivery status for the different recipients of the mail and could help understand why they are stuck.

Also there is another thread about other users having issue with messages stuck in queue when TLS is activated for outgoing mails. Maybe it could be related.
You could try to temporarily disable TLS for outgoing mails if you have it activated at the moment and see if it helps.

Kind regards.
Sébastien Riccio System & Network Admin https://swisscenter.com
0
Jade D Replied
And you have TLS Enabled?
Jade https://absolutehosting.co.za
0
Gabriele Maoret - SERSIS Replied
I have TLS enabled and no issue so far...
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Jade D Replied
Hi Keith,

I see that you're also from SA - hello bud.

This issue is exactly what I have complained about here

Same symptoms.
Jade https://absolutehosting.co.za
0
Keith Dovale Replied
These issues here that are being seen have led us to go through the following actions without any resolution now for more than 3 months. 
1) Tls on or off, doesnt mater which settings are used - same issues,
2) iis crypto best practices - No change
3) We have edited the registry, to ensure that .net 4 uses the defaults, and that the various versions are enabled or disabled, - no difference.
4) We have gone through all the settings in smartermail and resaved everything, same issues
5) Brand new install ow windows 16 with latest SM100 - Same issues

We have had a ticket opened for 3 months without resolution to this issue. What worries me is we were running SM 12,x SM 15.x for 14 years without issues, in november last year we upgraded our main servers to sm100, and the sm12 server we upgraded to sm15.7 latest version, and then we started noticing this issue on all the gateways and servers, we thought it was an issue specific to certain servers as other servers had no issues, the main issues is seen to xneelos servers in capetown, we also picked up a few to 2 other isps, the common factor is its exim4 on these servers. We have contacted all of these parties to investigate and they cant identify specific issues on their side.

We did do wireshark traces, and there are some network retries that do happen, but this is normal for networks to see these. My question for SM is the following.
1) Why are these emails started to  send, the TLS command is given, and that is where it ends. no further communications, NO retries of these emails, you cannot force them, you cannot reset the retry count, etc. But if you restart the SM service then these emails are sent fine 100%. We have lost loads of customers due to this issue, and I feel it is being put on us to look into it rather than SM investigating it further, A while before this we had another issue, and we were informed that TLS 1 and 1.1 were becoming end of life and we should disable these, but there are still isps using tls1.1.
2) When we test the server using the qualitylabs ssl tests, if we test the webserver it checks out our server and all ciphers etc are available and tested and we can obtain a level A rating if we turn off tls 1.1, but for backward compatibility we leave it on and we are ranked a B. But if you test the SM server ie SMTP then the weak protocols are used and some stronger protocols are not seen, why is SM ignoring these ciphers ?

In my opinion the lates releases of sm15.7 and the latest SM100 has some serious issues related to TLS and there is No Resolution for it. 

Another issue we are seeing is we started seeing SM fails reverse dns on certain servers, however declude and spamassassin pass reversedns with no problem, the servers connecting to us are ipv4 server, we use ipv4 and we do not have ipv6 enabled on sm, but the reversedns fails because SM is trying to lookup the remote server using ipv6 protocols. This ticket is also 3 months old and we also started experiencing this issue only after upgrading.

We also run some other MTAs running on Linux these do not see the same issues experienced with SM 15.7 latest and SM100, we also have a sm12 server running as a spool server this doesnt see the same issues either.

Just an update, we were only seeing this happening on mails being delivered from our servers outbound, I found 3 messages today in this stae inbound, so they have been received and have not been delivered to the mailbox on the same server. This is where the log stopped for this message.

[2021.02.23] 13:34:28.125 [48367786] Spam Checks completed.
[2021.02.23] 13:34:28.125 [48367786] Removed from SpamCheckQueue (93 queued or processing)
[2021.02.23] 13:34:28.735 [48367786] Added to LocalDeliveryQueue (1 queued; 1/50 processing)
[2021.02.23] 13:34:28.735 [48367786] [LocalDeliveryQueue] Begin Processing.
[2021.02.23] 13:34:28.735 [48367786] Starting local delivery to dmarc@hostworx.co.za

 
0
Dirk Replied
Hello from the Windy City 

I am also having a lot of problems with 1) mail left in the spools, 2) Declude working then out of the blue the proc directory just starts filling up, connection to major banks where the connection is just dropped when there are attachments etc. 

Any movement on this? 

What I am seeing in the delivery log. 

[2021.12.10] 00:01:00.618 [71077734] CMD: DATA
[2021.12.10] 00:01:01.149 [71077734] RSP: 354 go ahead
[2021.12.10] 00:15:58.571 [71077734] Exception: Unable to write data to the transport connection: An existing connection was forcibly closed by the remote host.
[2021.12.10] Stack:    at System.Net.Sockets.NetworkStream.Write(Byte[] buffer, Int32 offset, Int32 size)   at System.Net.Security._SslStream.StartWriting(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)   at System.Net.Security._SslStream.ProcessWrite(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)   at System.Net.Security.SslStream.Write(Byte[] buffer)   at MailService.RelayServer.Clients.SMTP.SmtpClientSession.SendData(StreamReader sr)   at MailService.RelayServer.Clients.SMTP.SmtpClientSession.SendData()   at MailService.RelayServer.Clients.SMTP.SmtpClientSession.GiveData()   at MailService.RelayServer.Clients.SMTP.SmtpClientSession.StartProcessing(String sessionId)Inner Exception: An existing connection was forcibly closed by the remote hostInner Stack:    at System.Net.Sockets.NetworkStream.Write(Byte[] buffer, Int32 offset, Int32 size)00:15:58.571 [71077734] Attempt to ip, '68.232.159.245' success: 'False'
[2021.12.10] 00:15:58.571 [71077734] Attempting to send to MxRecord 'mx2.hc858-6.c3s2.iphmx.com' ip: '68.232.159.239'


0
Dirk Replied
Feedback from the recipient side on the Cisco network is that SM is opening the connection then not sending data, and after 15 minutes the connection is closed, they sent me all the wireshark captures to show this. 

Reply to Thread