Hi David.
I think I can guess what your problem is, because I had exactly the same
symptom with a different bulk email provider...
Basically this sounds like an MTU issue: The SMTP client
(mailomta12-sa.btinternet.com[213.120.69.18] in your case) is able to
establish the TCP connection to your server, and the first few SMTP
requests and responses work fine, because the packets are small. Then
when it tries to transmit the content of an email (after the DATA
command), the packets get blocked because they exceed the maximum size
that will fit through your Internet connection, and this causes the TCP
connection to stall, and inevitably time out.
The problem I've described above manifests itself due to a combination
of a number of conditions:
1. Your SMTP server has a standard MTU setting.
2. Your connection to your ISP has an MTU smaller than your server's
MTU, and your ISP either isn't performing MSS-Clamping, or it isn't
working properly.
3. The SMTP client connecting to your server is behind a firewall that
blocks ICMP 'Destination Unreachable' packets (type=3) due to 'datagram
is too big and must not be fragmented' (code=4).
In my case:
1. My server was using the default MTU of 1500 bytes.
2. My connection to my ISP uses PPPoE, which adds an 8-byte header onto
all packets travelling between my home to my ISP, effectively reducing
the maximum packet size from 1500 bytes down to 1492 bytes. They did
have MSS clamping set up, but it turned out that it wasn't working for
incoming TCP connections (i.e. from the Internet to me).
3. The sender was blocking ICMP 'Destination Unreachable' packets
(type=3) due to 'datagram is too big and must not be fragmented' (code=4).
I raised this issue with both my ISP and the bulk email provider:
* My ISP confirmed (after performing their own testing) that there was
an issue with their MSS clamping, and that it only worked for outgoing
TCP connections (i.e. from me to the Internet). They offered me a new
home router that could do MSS clamping itself (but I declined because I
wasn't keen on the brand).
* The bulk email provider allowed ICMP 'Destination Unreachable' packets
(type=3) due to 'datagram is too big and must not be fragmented'
(code=4) through their firewall.
However to mitigate any future recurrences (from different SMTP clients)
I also decided to reduce the MTU on my server. There are actually a
couple of ways to do this:
a) The simplest way is to modify your MTU in your network interface
configuration, but exactly how you do this depends on 'what' is managing
your network interface. E.g. Depending on your Linux distribution (e.g.
Ubuntu, etc) you might be using systemd.networkd or Network Manager or
NetPlan?
b) The more complicated way is to set "advmss" option on your default
route in your routing table. (This is actually the way that I did it,
because it only reduces the packet size for traffic that is going
to/from the Internet, not traffic between my servers.)
Hopefully this helps? Feel free to email me directly if you think this
is the cause of your problem, but you need more explanation about
anything above?
Thanks,
Nick.
