Home > Archive > microsoft.public.exchange2000.admin > October 2002 > FE/BE Delay through a PIX firewall





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author FE/BE Delay through a PIX firewall
Drew

2002-10-05, 8:23 pm

I have a broad question as I try to build a baseline. We have a FE/BE setup.
I can go to the queue on the FE server, and see how many messages are
queued for the BE. I have been watching it for a good part of the morning,
and seems to average between 150-200 items, and between 4-8 MB in size. The
FE is in a DMZ, going through a PIX firewall. It is not they are not send
e-mail, only that it seems to be really delayed, sometimes about 20-40
minutes. Both servers can see each other (via ping
servernam -t). This does not rate as a high crisis item, but it is something
that I would like to resolve-any thoughts? -TIA

Here is some more info-here are some headers from test messages we sent from
the hotmail to our system. You will see the delay from the FE (Yenta) to the
BE (which we have called Mail here) varies from 2 minutes to almost 20
minutes. What should the normal time be on a FE connected to a BE on a LAN?
If you could take a look at this-TIA-Drew

---------------------
Microsoft Mail Internet Headers Version 2.0
Received: from yenta.bentonville.k12.ar.us ([66.204.14.167]) by
mail.bentonville.k12.ar.us with Microsoft SMTPSVC(5.0.2195.5329);
Thu, 12 Sep 2002 13:34:35 -0500
Received: from hotmail.com ([64.4.32.210]) by
yenta.bentonville.k12.ar.us with Microsoft SMTPSVC(5.0.2195.5329);
Thu, 12 Sep 2002 13:29:05 -0500
Received: from mail pickup service by hotmail.com with Microsoft
SMTPSVC;
Thu, 12 Sep 2002 11:29:08 -0700
Received: from 66.233.88.197 by pv0fd.pav0.hotmail.msn.com with HTTP;
Thu, 12 Sep 2002 18:29:08 GMT
X-Originating-IP: [66.233.88.197]
From: "Matt " <person@msn.com>
To: person@bentonville.k12.ar.us
Bcc:
Subject: test
Date: Thu, 12 Sep 2002 13:29:08 -0500
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: < F26iKjJiW9EdZrr34EL00009b74@ho
tmail.com>
X-OriginalArrivalTime: 12 Sep 2002 18:29:08.0638 (UTC)
FILETIME=[48654BE0:01C25A8A]
Return-Path: person@msn.com
------------------------------------------------------------------------

Microsoft Mail Internet Headers Version 2.0
Received: from yenta.bentonville.k12.ar.us ([66.204.14.167]) by
mail.bentonville.k12.ar.us with Microsoft SMTPSVC(5.0.2195.5329);
Thu, 12 Sep 2002 13:27:37 -0500
Received: from hotmail.com ([64.4.33.84]) by yenta.bentonville.k12.ar.us
with Microsoft SMTPSVC(5.0.2195.5329);
Thu, 12 Sep 2002 13:24:56 -0500
Received: from mail pickup service by hotmail.com with Microsoft
SMTPSVC;
Thu, 12 Sep 2002 11:24:57 -0700
Received: from 66.233.88.197 by pv0fd.pav0.hotmail.msn.com with HTTP;
Thu, 12 Sep 2002 18:24:57 GMT
X-Originating-IP: [66.233.88.197]
From: "Matt " <person@msn.com>
To: person@bentonville.k12.ar.us
Bcc:
Subject: test
Date: Thu, 12 Sep 2002 13:24:57 -0500
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: < F13skOY2o9TeYWNmitm0001c7b0@ho
tmail.com>
X-OriginalArrivalTime: 12 Sep 2002 18:24:57.0769 (UTC)
FILETIME=[B2DDB990:01C25A89]
Return-Path: person@msn.com

------------------------------------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from yenta.bentonville.k12.ar.us ([66.204.14.167]) by
mail.bentonville.k12.ar.us with Microsoft SMTPSVC(5.0.2195.5329);
Thu, 12 Sep 2002 14:39:04 -0500
Received: from hotmail.com ([64.4.33.89]) by yenta.bentonville.k12.ar.us
with Microsoft SMTPSVC(5.0.2195.5329);
Thu, 12 Sep 2002 14:22:43 -0500
Received: from mail pickup service by hotmail.com with Microsoft
SMTPSVC;
Thu, 12 Sep 2002 12:22:47 -0700
Received: from 66.233.88.197 by pv0fd.pav0.hotmail.msn.com with HTTP;
Thu, 12 Sep 2002 19:22:47 GMT
X-Originating-IP: [66.233.88.197]
From: "Matt " <person@msn.com <mailtoerson@msn.com> >
To: person@bentonville.k12.ar.us <mailtoerson@bentonville.k12.ar.us>
Bcc:
Subject: test
Date: Thu, 12 Sep 2002 14:22:47 -0500
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: < F18U0QoH9BoSTnaNdgx0000d247@ho
tmail.com
< mailto:F18U0QoH9BoSTnaNdgx0000
d247@hotmail.com> >
X-OriginalArrivalTime: 12 Sep 2002 19:22:47.0264 (UTC)
FILETIME=[C6D8A600:01C25A91]
Return-Path: person@msn.com <mailtoerson@msn.com>



Bryan Nyce

2002-10-05, 8:23 pm

Drew wrote:
> I have a broad question as I try to build a baseline. We have a FE/BE
> setup. I can go to the queue on the FE server, and see how many
> messages are queued for the BE. I have been watching it for a good
> part of the morning, and seems to average between 150-200 items, and
> between 4-8 MB in size. The FE is in a DMZ, going through a PIX
> firewall. It is not they are not send e-mail, only that it seems to
> be really delayed, sometimes about 20-40 minutes. Both servers can
> see each other (via ping servernam -t). This does not rate as a high
> crisis item, but it is something that I would like to resolve-any
> thoughts? -TIA

<snip>

Does your PIX have the mailguard feature enabled? Check the PIX config and
look for fixup protocol SMTP 25

This only allows 7 basic SMTP commands (HELO, MAIL, RCPT, DATA, RSET, NOOP,
QUIT) through as per RFC821 (no ESMTP commands like EHLO), and could be part
of the cause for the delay.

You can test this by disabling the mailguard feature on the pix (conf t, no
fixup protocol smtp 25).

Bryan Nyce


Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net