We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Email Security Gateway

Why does some outbound mail sitt on my mail server and is not being delivered?

  • Type: Knowledgebase
  • Date changed: 3 years ago
Solution #00007199  

Scope:
Barracuda Spam Firewall all firmware versions, and Email Security Service all versions.

Answer:
This is usually caused by another device on the senders network forcing the connection to close.

If you are using a Barracuda Spam Firewall or the Barracuda Email security service and you have some mail that is not being delivered from your mail server then the problem is usually a device on your network that is monitoring port 25 traffic and dropping connections when it sees traffic it does not like.

This can be a router, scanners/sniffers, or web filter. Any of these types of devices on your network have the ability to monitor port 25 traffic and force a connection to terminate.

    CISCO PIX and ASA firewalls are famous for this with their FIXUP protocols.
    Web Filters set up to monitor the SMTP port (25) also are known to cause this.
    Many port scanners have the ability to monitor and drop port 25 connections.

What happens is that your mail server connects to the Barracuda service/service and starts the delivery process. During the transfer of data the router/scanner/filter sees a data stream it determines is "dangerous". It will then cause that connection to drop.

The sending server sees this as a connection timeout because it gets no further data from the destination server
The destination server also sees this as a connection timeout because it gets no further data from the sending server.
Both servers think the other dropped the connection so both just see it as a connection timeout.

This usually only affects some mail going to the Barracuda service/service which is a good indication that the problem is with another device on the network. If the issue was with the Barracuda server/service then all mail would be failing.

So if your SMTP log is showing connection timeouts to the Barracuda Server/Service but only for some of your mail you should investigate any third party devices on your network that the traffic is going through or that is monitoring your SMTP/Port 25 traffic.

Link To This Page: