Untangle5.3 and Email port forwarding.

W

Wolf-R1

[H]ard|Gawd
Joined
Aug 30, 2004
Messages
2,005
Has anyone ever seen this issue? I posted this on the Untangle forum but thought I'd post it here to see what the [H] thinks.

I just set up a new UT 5.3 firewall pretty much for the sole purpose of email forwarding. Just about out of the box it works for port forwarding email traffic (at least in a test environment) however I've noticed that when I connect via my laptop in the test environment it takes about 10 seconds to establish a connection. I am testing using telnet to port 25 and the network setup is as follows:

Laptop --> UT5.3 --> email server (production)

All links are 100Mb in this environment.

Is this 10 second delay normal? Possibly part of an anti-spam practice? If it's not normal what can I do to remove the problem?

UT5.3 machine is as follows:
Athlon64 2200Mhz/1MB cache
1GB DDR2

Edit: further testing indicates that I get the delay only when connecting and at the end of sending an email. During the data exchange I don't really see the delay. However, I do not see the same delay when performing the same test internally without the UT5.3 box.
 
Is it bridged or running router (dual NIC, WAN and LAN)

Did you do the standard port forwarding from the Alpaca web interface? Or manually do all the access rules in the firewall?

I haven't noticed any delay when telneting to clients servers from out on the internet.
 
Routing, dual NIC, and yes I used the standard Alpaca interface to do the port forwarding. It was stupid simple really. :)

It's just weird that it has that connect and confirm delay. I'm not completely comfortable putting it into a production environment however, it can't hurt considering how bad the IPCop machine is doing. Although the IPCop machine is on much lesser hardware.
 
Trying to figure from your diagram, and the description....
You're laptop is trying to connect to the mail server via telnet 25 from outside the WAN side of the UT box? Yet mail server is in production, making me thing all on the same network..same IP range on both sides of UT? :confused:
 
The laptop and UT box at the moment have a point to point setup via a switch. That relationship would be considered "outside" and is using actual IP addresses that we have for one of our external Internet subnets. The UT box has an internal connection to the mail server via a production switch.

Thus, the laptop is indeed connecting as if it were an external client.
 
Hmmm....perhaps with this ip mapping you're doing..that's scrambling it up somehow, Untangle may pause to look at it with attack blocker or some other firewall rules..seeing it as being slightly odd point of origin. Being a layer 7 firewall..it may find the ip mapping strange.

I do have several Untangle boxes in product at clients, and no problems with SMTP port 25, telnet behaves fine.

If you move her to production...and continue to have the issue, I can, based on my own experience, say that their phone support is excellent.
 
Well it was easy to figure out what's causing the problem. Now the question is why.

I've narrowed down to the fact that the spam blocker is causing this issue. If I turn the spam blocker off the connection to the email server is instantaneous. If I have it on I get that delay on first connection and after sending an email. None of the other services affect port 25 connections.

At the moment the spam blocker is at the default settings. I've changed nothing on it.
 
Alright, turns out my first assessment was correct. The reason this is happening is due to the anti-spam tarpit feature of the spam blocker. Turning it off negates this 10 second delay. Turning it back on brings the delay back.
 
You must log in or register to reply here.
Back
Top