09-25-2013 08:50 AM
We have a C150 Ironport in our network that is not passing some emails through due to "Maximum connection time exceeded" and then aborts the message. The full error is:
"Incoming connection (ICID 9595873) disconnected address xxx.xx.xx.xx. Maximum connection time exceeded."
I don't believe this is a bandwidth issue and this has happened with differenent companies email us. Questions:
1. Why am i getting this error?
2. Can I can the timeout on the Ironport?
3. Could this be related to attachments exceeding the limit in the exchange server?
Any help would be appreciated.
Thanks
09-26-2013 07:30 AM
Anybody come across this issue before? I have verified this happens when the email has an attachment. I have checked my mail recieve connectors and the attachments are an acceptable size. Seems like the remote email server disconnects due to a timeout. Why would it take so long for an attachment to push through? Is it common to change the timeout on the Ironport?
Thanks
09-30-2013 11:10 AM
Hi Chris,
This error indicates that a remote server connecting to the IronPort
appliance has exceeded the "Total Time Limit for All Inbound Connections"
This only happens when the connection time reaches the configured timeout,
in most configurations it will be 15 minutes. The IronPort then sends the
soft bounce '421' error code and drops the connection.
This timeout parameter is configurable via the "Total Time Limit for All
Inbound Connections" value, in the Global Settings of each listener. A mail
server should close the connection after successful message transmission. If
it does not, then the timeout triggers and the appliance closes the
connection. Generally, if a mail server is taking over 5 minutes to send
another SMTP command, there are likely issues on the network side of things
(outside of the IronPort). If the same issue occurs often (for many
different remote server connections), there may be an internal network
issue, which in turn is outside of the IronPort.
I you recommend you to create an injection debug log to monitor a session from this host before you consider changing the appliance's configuration.
Please refer to the following Video Knowledge Base article:
https://supportforums.cisco.com/videos/1959
or the written version:
How do I analyze mail delivered to the Email Security Appliance (ESA)?
Knowledge Base Answer ID: 728
http://tools.cisco.com/squish/4c559
I hope this helps.
-Valter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide