Spamhuntress

A customer contacted me, complaining that mail didn’t seem to reach one of their contacts. Mail had started flowing heavily between these two companies, but the mail only reached the recipients if they originated at the contact’s server, not the other way around.

The contact was pretty convinced the problem was on my end, after having done some troubleshooting and finding that the configuration of the server software was sound. I was equally convinced the problem was on their end.

A lot of troubleshooting later, we reached some conclusions:

Although the server at the other end appeared to work fine, it didn’t send the initial server greeting to some servers. This happened across linux distros and mailserver flavors. I couldn’t find a rhyme or reason why some didn’t get the server greeting, but it was consistent. Some did, others didn’t. When I telnettet to port 25 from the affected servers I had to press enter (got the server greeting and a 500 error) or send EHLO manually in order to get the server greeting.
They had Symantec Mail Security installed, and I tried to find any mention online about it having problems. Found nothing.

Finally I thought, OK, since there’s an Exchange server behind Symantec, maybe I should see if there are any problems there. I found two mentions of identical problems. In both cases, they had a Zywall5 router in front of and Exchange server. One person had updated the firmware on the router, and the problems had vanished. I called the company, and asked the IT person point blank: Do you by any chance have a Zywall router in front of the mail server? He immediately said yes. After updating the router firmware, the problems vanished right away.

This entry was posted on Monday, November 5th, 2007 at 6:36 am and is filed under Admin stuff. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.