SMTP Mail Sending Failure - Connection troubleshooting

Background:

I have encounter issue when sending email from my application server via SMTP server. The syndrome is only smaller size email is able to send out successfully but not the larger size email. I tried to upgrade OS on the application server from windows 2012 to 2016, using different module/plugin and still encountering the same issue. The issue was going nowhere until i start tracing the network using wireshark.

Summary:

Through network tracing it is able to identify the issue was causing by IP-Sec encryption that transmitting packet with size larger than 1400 will be failing. By limiting the MTU to 1400, the email is able to send out successfully now.

Details of the process:

1. Download wireshark
2. Install wireshark on the server that is having connection issue
• I am installing with all default options including Npcap
3. Open wireshark
4. Select the network interface that you want wireshark to monitor. 
• Can ignore all those without traffic 






5. Stop the tracing and add in the filtering criteria to remove all the noise
• For example in my case, i want to connect from my application server to SMTP server for sending email and lets say my SMTP server ip address is 10.198.1.133 then my filter will be:
• ip.dst==10.198.1.133 or ip.src==10.198.1.133
• In this case the wireshark will capture the network traffic from my application to SMTP server and also all network traffic from the SMTP server to my application server




6. Start the tracing again once the filter is entered



7. Initiate the connection attempt, in my case is trying to send email via the SMTP server
8. Stop the tracing once the connection attempt is completed

9. Examine the logs
• From the log, we will be able to see all traffic between the application server and SMTP server.
10. In my case, i can see that the connection went smoothly all the way until Data Segment started to send over to server (Those in black background)
11. We can see that the SMTP server is not responding and the application server keep on transmitting
12. We have also noticed that the length of the data packet is 5894 while the Retransmission packet length is 1514

13. Then we clean up the logs and start the tracing again on wireshark
14. This round we try with ping command
• ping -f -l 1350 SMTP_SERVER_IP
• Ping managed to go through with packet size of 1350 bytes
• ping -f -l 1400 SMTP_SERVER_IP
• Ping failed to go through with packet size of 1400 bytes

15. Check on the wireshark log and we are able to see all the ping with length of 1342 went through successfully
16. All the ping with length 1442 is failing to get response from SMTP server
    

17. From further checking it is because of the network between application server and SMTP server has been encrypted using IPSEC and any packet that is larger than 1400 will be splitting into different packet but couldn't handle at the SMTP server side.
18. We have then try to limit the maximum transmission unit (MTU) to 1400 and the problem got resolved.
19. To check the MTU size can use the command below
• netsh int upv4 show int
• Also take note of the idx, we will need it in later command

20. Issue the command to change the MTU size to 1400
• netsh interface ipv4 set subinterface XX MTU=1400 store=persistent
• XX refer to the Idx from step above

21. Check again the MTU after running the command
• The MTU value should now be 1400


22. Test sending email again via SMTP and it has now gone through successfully

5.       

How to upgrade WAMP PHP and Apache version

I am always a fans of WAMP which stand for Windows Apache Mysql and PHP framework. It is easy to install and ready to use right away. However, as there are always new version of PHP or Apache coming out to fix the vulnerabilities or security loop hole they have. In this article, it will shows the steps to upgrade Apache and php version.

 

For Apache

1. Download the latest Apache windows version from
1. https://www.apachelounge.com/download/
2. Unzip the zip file and put it under the WAMP installation folder > bin > Apache
1. E.g if your WAMP installation path is c:\wamp, 
1. then the apache folder should be under c:\wamp\bin\apache\
2. E.g If your WAMP installation path is D:\wamp
1. then the apache folder should be under D:\wamp\bin\apache\
3. You should be able to see all previous available version of Apache in that folder
1. make sure you put in the version number so that you can identify which folder is for which apache version
1. In this case, the apache is upgrading from version 2.4.46 to 2.4.49 

 

3. Compare the differences between new apache version and the last working apache version. I am using winmerge

4. Pay extra focus on the conf\httpd.conf file
1. Make sure the apache version is correct

2. Make sure it is listening on the correct port
1. By default it is opening at port 80

3. Make sure all module that have enabled for previous version Apache is also enabled for the new version of Apache

 

4. If you have defined ssl connection with the ssl keys, make sure the httpd-ssl.conf changes from the old version is sync to the new version as well

 

5. Next open wamp

 

6. Refresh wamp

 

7. The newly added Apache version should be available now
8. 
   
   
   

 

For PHP

1. Download the latest php windows version from 
1. https://windows.php.net/download/
2. Unzip the zip file and put it under the WAMP installation folder > bin > php
1. E.g if your WAMP installation path is c:\wamp, 
1. then the php folder should be under c:\wamp\bin\php\
2. E.g If your WAMP installation path is D:\wamp
1. then the php folder should be under D:\wamp\bin\php\
3. You should be able to see all previous available version of Apache in that folder
1. make sure you put in the version number so that you can identify which folder is for which php version
1. In this case, the php is upgrading from version 7.4.13 to 7.4.24 

 

 

3. Win merge to compare with previous version
1. Especially on the php.ini
1. And copy the php.ini to become phpForApache.ini
2. phpForApache.ini is using by WAMP hence it is necessary to exists, it can be the exact same content as php.ini

2. Make sure all modules that are enabled in previous version are enable in the new version
3. Refresh WAMP

 

5. The newly added php version should be available now
6. 
   
   
   

 

7. After selecting that new version of apache, it will take a while for the service to restart and the wamp icon should become green after that.
1. It should also shows that the latest php version are now being use.

8. If the wamp icon is red, you can check the PHP error log for issue

 

 

9. Verify Apache and php version from phpinfo

 

Get started with Swagger and ASP.NET Core Web API app

 

1. In the Visual Studio, create a new project: ASP.NET Core Web Application
2. Select project template: API
3. After the project is created follow instructions as below
   https://docs.microsoft.com/en-us/aspnet/core/tutorials/getting-started-with-swashbuckle?view=aspnetcore-5.0&tabs=visual-studio
   
4. Add NuGet Package: Swashbuckle.AspNetCore

5. Modified startup.cs file as below

   
6. Once is done, rebuild the project and debug
7. When the page has opened up, navigate to /swagger

First deploy to the server

1. Right-click on the project and publish
2. Copy the Target Location
3. Open IIS
4. Create a new website
5. Map the Physical Path to the Target Location
6. Go to Application Pools
7. Edit Application Pool
8. Set .NET CLR version: No Managed Code
9. Install ASP.NET Core 3.1 Runtime - Windows Hosting Bundle to the server 
   https://dotnet.microsoft.com/download/dotnet/3.1

If you haven't register the domain on public DNS, in order to view your Swagger page on you local machine, you should update hosts file on your machine.
To do so, open hosts file on the your machine at c:\Windows\System32\Drivers\etc

and append to the file content as:

[IP Address] [API domain name]

Example:

127.0.0.1    tech--about.com