Closed Bug 394152 Opened 17 years ago Closed 15 years ago

SMTP-TLS intermittent send message fails "sending of message failed ... because connecting to SMTP server ... failed" [caused by firewall]

Categories

(Thunderbird :: General, defect)

Product:
Thunderbird
Component:
General
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: wsmwk, Unassigned)

Details

Attachments

(1 obsolete file)

Attached file smtp log from TLS failed send (obsolete) — 
in follow up to bug 368611 comment 64

mail server is sendmail 8.14 using openssl
PC is thunderbird 2.0.0.6.  Settings: TLS, port 587, server mail.lehigh.edu

some sends work, some sends fail. no apparent pattern.  sometimes it's 1 out of 7.  sometimes it might be for example the second send that fails.

log attached.  
tested later with "security.enable_tls" set to false and fails in same way
Nelson, does the log have sufficient info and show anything useful?
Status: UNCONFIRMED → NEW
Ever confirmed: true
The log seems to show two connections, one that succeeded entirely, and a 
second one that failed at the point where the SSL/TLS handshake should 
have occurred.  The log provides no clues about why the handshake didn't 
proceed normally, nor how (in what manner) it failed.
(In reply to comment #2)
> The log seems to show two connections, one that succeeded entirely, and a 
> second one that failed at the point where the SSL/TLS handshake should 
> have occurred.  The log provides no clues about why the handshake didn't 
> proceed normally, nor how (in what manner) it failed.

so thunderbird simply decided at some step to not proceed?

what is the next step to debug this?
> so thunderbird simply decided at some step to not proceed?

We're left to guess what happened and why.  The log file tells us that it
was about to try to send an EHLO over TLS.  That's the last thing it 
records.  Presumably there was an outcome, an error of some sort, but 
the log doesn't tell us that.  So we must guess.  

> what is the next step to debug this?

You need to bring some tool to bear on this problem, one that will tell
us what's happening, so we don't have to guess any more.

The logging should be enhanced to log errors, and/or decisions to give 
up and the reasons why.  

You could try to use some sort of connection monitoring tool, such as
ethereal or ssltap, to capture the communications and analyze them, 
but that's a lot of work.  Given that the code that gave up knows why 
it did so, the logging really ought to log that reason.
NSPR log with next parameter may help further analysis.
SET NSPR_LOG_MODULES=smtp:5,nsSocketTransport:5,nsHostResolver:5,negotiateauth:5
> http://kb.mozillazine.org/Session_logging_for_mail/news
> http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html#imap
> http://www.mozilla.org/projects/netlib/http/http-debugging.html
> http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/sso-ov.html#sso-config-firefox-troubleshoot

If analysis of other traces such as ethereal will be required, or if timing related issue is involved, timestamp of NSPR log will be probably required.
When MS Win, combination of DebugView+NSPRlog is available for this purpose.
  SET NSPR_LOG_FILE=WinDebug
  SET NSPR_LOG_MODULES=...
  (See Bug 86396 Comment #7 for rough procedure)
NSPR_LOG_FILE=WinDebug will pass log data to DebugView, and DebugView will add timestamp to data and save timestam+data in a file.
This is also convenient to obtain NSPR log while specific operations only.
Comment on attachment 278762 [details]
smtp log from TLS failed send

user associated with attachment 278762 [details] just determined his failures stopped after turning off net defense firewall in System Suite, which he failed to turn off during our testing.

I have one other user pending, so leaving this bug open
Attachment #278762 - Attachment is obsolete: true
Similar issue with ironports, an older instance of thunderbird is handleing auth + tls fine but 2.0.0.6 complains re unable to connect to smtp server smpt.(yourdomain) via starttls since it doesn't offer starttls in ehlo reponse(thats not even spelled right..). Please verify that your mail / News account settings are correct and try again.  Same exact settings work for 
$ rpm -qi thunderbird
Name        : thunderbird                  Relocations: (not relocatable)
Version     : 1.5.0.12                          Vendor: Red Hat, Inc.
Release     : 2.fc6                         Build Date: Thu 19 Jul 2007 06:38:27 PM PDT

As well as;
$ rpm -qi evolution
Name        : evolution                    Relocations: (not relocatable)
Version     : 2.8.3                             Vendor: Red Hat, Inc.
Release     : 2.fc6                         Build Date: Thu 29 Mar 2007 02:16:27 PM PDT


But not for firefox 2.0.0.6 (20070729) which reports to be the latest build.
had no further reports of this.
so closing invalid (though no doubt there is a dupe out there)
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
Summary: SMTP-TLS intermittent send message fails "sending of message failed ... because connecting to SMTP server ... failed" → SMTP-TLS intermittent send message fails "sending of message failed ... because connecting to SMTP server ... failed" [caused by firewall]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: