Hello,
since two weeks we have some problems with fetching the mails from our pop3 accounts.
We have a exchange server and use "POPCon" to fetch the mails. Since two weeks POPCon generates failure messages that port 995 is unreachable. This stays for some hours till the problem resolves itself. This happens every two days but sometimes even twice a day...
If we notice the problem, I stop the POPCon service and then have to wait for some minutes before I can start it again. Fetching the mails will then work again. If I start the service immideatly the problem stays.
After I did some troubleshooting I made a network log with whireshark. Only then I got the clue, that I should take a look at the firewall logs because the whireshark logs stated there came no server-HELLO after the client-HELLO from our server.
So I did indeed find that some packets were dropped during that time.
There are many dropped "ACK FIN" packets, but only one "ACK" packet.
What could be the problem?
Thank you for your help.
since two weeks we have some problems with fetching the mails from our pop3 accounts.
We have a exchange server and use "POPCon" to fetch the mails. Since two weeks POPCon generates failure messages that port 995 is unreachable. This stays for some hours till the problem resolves itself. This happens every two days but sometimes even twice a day...
If we notice the problem, I stop the POPCon service and then have to wait for some minutes before I can start it again. Fetching the mails will then work again. If I start the service immideatly the problem stays.
After I did some troubleshooting I made a network log with whireshark. Only then I got the clue, that I should take a look at the firewall logs because the whireshark logs stated there came no server-HELLO after the client-HELLO from our server.
So I did indeed find that some packets were dropped during that time.
Code:
2012:12:11-11:09:50 astaro-1904 ulogd[5592]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth7" mark="0x1000" srcmac="***" dstmac="yyy" srcip="mail-provider-IP" dstip="gateway-IP" proto="6" length="1492" tos="0x00" prec="0x00" ttl="58" srcport="995" dstport="12340" tcpflags="ACK"
2012:12:11-11:10:42 astaro-1904 ulogd[5592]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth7" srcmac="***" dstmac="yyy" srcip="mail-provider-IP" dstip="gateway-IP" proto="6" length="40" tos="0x00" prec="0x00" ttl="58" srcport="995" dstport="12365" tcpflags="ACK FIN"What could be the problem?
Thank you for your help.