postfix smtp timeout over vpn

We have some staff that connect to the office over VPN. Some of them experienced problems when sending files with attachments. Plain email went through fine but ones with attachments timed out.

Mail client timeout settings

It turned out that there were several places where the sending of mail was failing. First we adjusted the mail client settings. In our case we use Thunderbird so we adjusted the timeout setting under edit->preferences->advances->network and disk space. We set this to a ridiculously high setting.

Postfix timeout settings

The timeout continued, albeit after a longer period of time. So we were making progress. The next place we looked, naturally, was the maillog file on the server. Mysteriously this showed nothing related to a timeout. This should have been a big hint but we went ahead and started adjusting timeout setting from their default setting in None of this had any effect but since there are several timeout setting we assumed that it must be one of them. After hitting a brick wall it was time to consider the possibility that we were looking in completely the wrong place.

Timeout setting on the firewall

So we moved over to checking the firewall. Sure enough the firewall had a smtp proxy setup. We disabled in on the green network and sent a test mail. After a much longer period of time we still got a time out. Luckily this time we had something in the maillog file!

May 24 14:56:25 slain postfix/smtpd[20037]: timeout after DATA from unknown[]
May 24 14:56:25 slain postfix/smtpd[20037]: disconnect from unknown[]

ADSL routers and MTU settings

A quick search on google revealed that this probably related to a mtu setting. More info is available on the postifx faq. See the section on "IP path MTU discovery".

In most cases we just had to adjust the mtu setting on the ADSL routers on the client side to a lower value and the mails started going through. Hopefully performance doesn't suffer too much from the slightly smaller mtu settings.