Phone Lines icon GFI Support Home Start a conversation Sign in
Start a conversation
  1. KerioControl
  2. KerioControl - Traffic Rules
  3. Articles

Troubleshooting Email Client connection issues

Overview

While facing email sending and receiving issues on PCs connected to Kerio Control network, it is necessary to identify the problem in a proper way. Email services usually include IMAP, POP3, and SMTP protocols. As these email protocols require client-server communication, the email clients such as Outlook, Apple Mail, Windows Mail are needed to set up the connection.

This article provides troubleshooting best-practices and common techniques to identify potential issues related to firewall misconfiguration.

Important: If the email server is hosted inside the local network (behind Kerio Control), specific traffic rules need to be applied. As an example, please refer to Configuring Kerio Control Firewall to Allow Kerio Connect Services.

Information

  1. Connection Limits on Kerio Control side.
    1. In Warning logs, you may notice the following line:
      Connection limit per minute for source address '192.168.5.139' reached (limit: 1200)
    2. It is possible to add an exception to your connection limits rule and add the internal IP address to this exception through an IP address group.
      Screen_Shot_2020-12-16_at_9.49.29_AM.png

      Screen_Shot_2020-12-16_at_9.51.26_AM.png
  2. The number of connections on the mail server and the client-side.
    1. Modern mail servers have built-in SMTP security settings for protecting users based on IP address limits. Kerio Connect example:
      Screen_Shot_2020-12-16_at_10.05.21_AM.png
    2. Some email clients allow modifying server connection limits. Thunderbird example:
      Screen_Shot_2020-12-16_at_10.24.04_AM.png
  3. Missing or weak security of email domain.
    1. Make sure to check your mail server settings using MXtoolbox domain health or other tools.
      Screen_Shot_2020-12-16_at_10.31.55_AM.png
    2. Configure SPF, DMARC, PTR records to ensure mail server protection is met. Kerio Connect reference guides:
      1. SPF
      2. MX and PTR
      3. DKIM and DMARC
  4. Wrong ports being used by the email client.
    1. Port scanning by external applications or websites is in place. Kerio Control will report the following in Security logs:
      IPS: Port Scan, protocol: TCP, source: 192.147.x.x, destination: 192.168.10.2, ports: 53781, 54554, 54308, 59450,56125, 54080, 54107, 54384, 55226, 54249, ...
    2. Check the PC health with external Antivirus software (Kaspersky, ESET, etc).
  5. Gather packet dump for the email client hosts and if hosted inside Control network, mail server host.
    pkt_dump.png
    Click Start and after try to fetch or send emails.
    After a few megabytes, press Stop and Download.
    Review the packet capture.
  6. Check the connection from Kerio Control SSH for the required port (IMAP, SMTP) using the Telnet tool.
    Screen_Shot_2020-12-16_at_10.46.38_AM.png

    Tip: connection refused usually means the port (IMAP 143) is closed and you need to use a secure port (993).

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted
  3. Updated

Comments