Hello Mustapha,

that's an incoming connection (ICID) that you show here, the error however is generated on an outbound connection (DCID).  See my previous request.

Regards,

Andreas

ops. sorry mistake..

Hello Mustapha,

sory, still not sufficient. Note my original request:

Could you post all lines starting from "New SMTP DCID" for the message in question?

So there should be multiple entries for a single DCID, where I can see if the timeout is based on the message taking to long to get delivered.

Regards,

Andreas

like this

OK, if you check the time delivery starts, and the time the error occurs, you'll notice that it is always 5 minutes, which is the fixed delivery intervall AsyncOS is set to. Most likely the remote host is lacking bandwith, lthough the file here is only 130k, so it might also be an MTU issue on their end, considering your delivery with other hosts works without problem. I suggest that you set up a domain debug log with the domain in question, and check how far delivery goes. If the log only shows the message headers, and stops at the "data" section, then an MTU problem is the cause, so thei'd need to fix their firewall to allow ICMP path discovery trough. If you see data transmitted after the header part, then their bandwith is too slow. In this case it sometimes helps to configure a destination control entry for that domain, which limits the number of concurrent connections to one, or two at most - even if that sounds like a drastic change (however, 5 minutes to get 130k trough...not much of a choice I'd say).

Hope that helps,

Andreas

What is best practice from cisco?

Hello Mustapah,

is your question related to the delivery errors above? Just asking because that discussion is one year old already, and I am not sure what you mean by best practice in this matter.

Regards,

Andreas

Hi Andrea.

"I suggest that you set up a domain debug log with the domain in question, and check how far delivery goes. If the log only shows the message headers, and stops at the "data" section, then an MTU problem is the cause, so thei'd need to fix their firewall to allow ICMP path discovery trough. If you see data transmitted after the header part, then their bandwith is too slow. In this case it sometimes helps to configure a destination control entry for that domain, which limits the number of concurrent connections to one, or two at most - even if that sounds like a drastic change (however, 5 minutes to get 130k trough...not much of a choice I'd say)."

can u guide me above ur mention...

Hi Mustapah,

go to Administration->Log subscription and create a new log of type "Domain Debug Log".  State the domain you are having problems with, and make the number of SMTP sessions at least 20. Once you are running in the problem again, download that log and check the content for the events mentioned in my earlier explanation.

Hope that helps,

Andreas

Hi Andrea,

I have found below errors on gateway & not able to send mails to Particular domain,Can u assist me for the Exact issue......What is issue & Solution of this...

 Pl find attachment.

Hello Avaneesh,

have you tried the above recommendations regarding setup a domain debug log? If so, do you face the issue highlighted in this thread? Typically the timeouts are caused by ICMP traffic being blocked so that Path MTU Discovery (RFC 1191, see http://www.ietf.org/rfc/rfc1191.txt) is disabled.

Best regards,

Martin