About six months ago, we received word that one of our business partners was not receiving email from us. The business partner was running a MS Small Business Server 2003 behind a SonicWall TZ 170 firewall connecting to their ISP through PPPoE. I set up a domain debug log on the IronPorts and sent a message. At the end of the body of the message, the IronPort sent a period on a line by itself but never received a response from the recipient server. I contacted the support person for the business, and he was a contractor who had other similar setups around the area. Through process of elimination, we figured out that the problem was the SonicWall TZ 170. In the mean time, I was contacted by another contractor who had at least 50 confirmed cases of companies not able to receive mail from certain domains. It seemed that the IronPort exacerbated the problem as I was never able to get a message past a TZ 170, but other MTAs experienced sporadic success or failure. By the first of the year, SonicWall had agreed that there was a problem with their firmware and was working on it. In February, they released firmware version 3004s for the TZ 170 and it appears to have fixed the PPPoE/Email problem. However, there are already reports from one of the contractors that DHCP is now flakey.
I feel that the problem is especially nasty because the sender never receives an NDR. When the SonicWall drops that packet, it doesn't close the connection with the IronPort. When the contractors upgraded the firmware or replaced the TZ 170s, they started getting mail that they hadn't even realized they weren't getting. The reason that I am sending this message is because SonicWall failed to add the PPPoE/Email bug fix to the release notes, and because I know that there are others out there that are experiencing this. I don't want anyone else to have to spend several months tracking this down.
