Sending email with attachments problem
- 
 @Cry: Unless you've done some very strange things to your pfSense setup, it isn't a pfSense problem. the only things i have in my pfSense is Lightsquid, BandwidthD, Squid and SquidGuard. Do you think any of these add on packages are related to my issue? No, start checking on your mailserver and se what happends with the mail there also check the mail header of the mail and se if you can see anything of intrest there. /F Actually, I've tried sending the e-mail with attachments directly without passing thru pfsense and it went ok. So means, there's nothing wrong with our mail server. Just to clarify, the smtp server we are trying to connect to is out of our Local LAN, if we try to connect to our Local Mail Server, everything will be fine. The reason I need to have this working is for other users (visitors) connecting to our network to be able to send e-mails thru their mail service providers. 
- 
 I have pfSense acting as a firewall between my home network and the internet. Three PCs on my home network can send mail (with or without attachments) by establishing a SMTP connection with my ISP's mail SMTP server on the internet. 
 I don't recall that I had to do anything special for this mail access. I suspect this is a pretty common experience, hence the responses that what you are describing is not a pfSense problem.I'm having some problems sending e-mails thru external smtp whenever there's an attachment. But if I send an e-mail without attachments, it's passing through. It would probably help if you described the nature of the problem. For example, the mails with attachments have the attachments stripped, they disappear entirely, they take an inexplicable long time to deliver, the SMPT server refuses to forward them, the mails are returned with an error message saying they couldn't be delivered, etc. In the event that something is complaining about the emails with attachments it would also help to provide the text of the complaint for that text may identify the system finding fault with the email and may show the email is not being processed by the system you think should be processing it. Actually, I've tried sending the e-mail with attachments directly without passing thru pfsense and it went ok. So means, there's nothing wrong with our mail server. Just to clarify, the smtp server we are trying to connect to is out of our Local LAN, if we try to connect to our Local Mail Server, everything will be fine. The reason I need to have this working is for other users (visitors) connecting to our network to be able to send e-mails thru their mail service providers. I don't understand this. Do you mean that if you send email to your local LAN SMTP server for delivery to a user of your local LAN (so the message does not go out on the internet) it is delivered correctly but if you try to send the message to a SMTP server on the internet (does it matter if its for delivery to a user on the local LAN's SMTP server or to an "external" user?) something goes wrong? Have you set up some firewall rules for special mail handling, for example to redirect all mail through your on-lan SMTP server? 
- 
 @wallabybob 
 Thanks for sharing that you didn't had the same problem. As requested here's the error message the appears from Outlook Express, I'm getting a time out.Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Subject 'test send attach file', Account: 'Test_Account', Server: 'my.smtpserver.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 10053, Error Number: 0x800CCC0F to explain further here's my current setup… 
 Router -> Pfsense -> Client PCif I use the above configuration, I would be able to send e-mails thru external SMTP. But if I use this configuration… Router -> ClientPC There will be no issues sending e-mails. The smtp server is based outside our network and accessible only thru internet. I am not really sure if this issue comes from pfSense or from some of the packages installed. I guess I just have to revert from factory defaults and do it again from scratch. Thanks. 
- 
 This is a wild guess. You may have a problem similar to one I saw at a friend's house. They have an ADSL modem/router/wireless-AP box. There is a MAC directly connected to the ADSL modem and a PC wirelessly connected to the ADSL modem. 
 The MAC could successfully send any emails, the PC could only send email's without attachments and the error reported was something like what you reported. On investigation I found that larger packets were not getting through on the wireless link.You may have a configuration problem such that larger packets are not getting to your mail server (hence emails with attachments have problems) but shorter packets do (hence emails without attachments get through successfully). Have you tweaked MTU settings somewhere on your network? (Unless you have special reason to change them, you should leave MTU setting in pfSense at the default values.) Since you don't have problems when the PC is directly connected to the router but do when the pfSense is between the router and it would seem likely the problem is in the pfSense box BUT your router may have multiple ports and when you tested with the PC directly connected to the router you may not have used the same router port in all your tests. To check if there is an MTU size problem, from your PC ping the router with packets of various sizes from 1500 down. If that works try to ping your external email server (the SMTP server) with packets of varying sizes from 1500 down. On a windows PC, from command prompt, the command _ping -l <size><destination></destination></size>_e.g. ping -l 1500 myrouter (that's -l, lower case L) does the job. You may have to tweak firewall rules for the ping to work. 
- 
 Ah great, yes I remember changing the values of the MTU. Let me have it set to default again and try to send the e-mail. Yes, what happened to your friend is exactly the same thing that is happening to me. I can also send e-mails without attachments. Let me try it when I get to the office and will keep you updated :) Thank you very much, that is really a huge piece of advise. 
- 
 Just tried what you advised, unfortunately it still didn't worked. I've tried to ping my smtp server down to 1272 (1273 - 1500 just gives me a request timed out) and was hoping that it's going to work. :( unfortunately it still didn't. My last resort is to reset to default config and reconfigure the packages again. Though I'm still not sure if it's going to work with default config but still worth a try. Thanks again. 
- 
 Just tried what you advised, unfortunately it still didn't worked. I suggested a few things. Did you try only the suggestion you reported on? If not, what was the outcome of your attempts on the other suggestions? Did you check MTU in the router? From my pfSense box I can ping internet boxes and get replies with a size of 1478. If you can get only 1272 between your PC and SMTP server I suspect you have a mismatch between your PC's expectation and what is actually available on the network. 
- 
 will try all your suggestions and will give you a feedback. edit: I thought I got it resolved… I just noticed the pc i was using was having the ip of the router as its gateway, hence, the data was not passing thru pfsense. 
- 
 Hang on, do you have the WAN and LAN interfaces of the pfSense host on the same subnet? 
- 
 I had a similar problem. My net look like this: world (adsl) world(another adsl) client (172.16.2.250) | | |_____________________ pfsense (172.16.2.244)_____other router (172.16.2.245) | DMZ (192.16.1.x)And this is my static route table | Interface | Network | Gateway | Description | 
 | LAN | 192.168.1.0/24 | 172.16.2.245 | lan -> dmz |The smtp server is in the dmz (192.168.1.18), and I can send mails, but I can't with attachments. 
 This is the traceroute from any client:C:\Documents and Settings\win>tracert 192.168.1.18 Traza a la dirección 192.168.1.18 [192.168.1.18] sobre un máximo de 30 saltos: 1 <1 ms <1 ms <1 ms 172.16.2.244 2 2 ms <1 ms <1 ms 172.16.2.245 3 1 ms <1 ms <1 ms 192.168.1.18 [192.168.1.18] Traza completa.firewall -> filter: 
 Default LAN -> any
 But I still can't send mail with attachments. Then I found this option (system->advanced)
 Static route filtering Bypass firewall rules for traffic on the same interface
 This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where multiple subnets are connected to the same interface.Seems to work for me. ps: sorry for my tarzan-like "english" 
- 
 We were seeing the exact same symptom (can't send via SMTP with attachments) and it turned out to be a faulty NIC in our pfSense box. Go to status/interfaces and make sure that your WAN (LAN too for that matter) interfaces show zero I/O errors (0/0). If you see errors, I would try moving or replacing the interface. If you move and you're still seeing errors, it would be on your ADSL box side. You'll have to deal with your ISP if that's the case. Good luck. 
- 
 I'm having some problems sending e-mails thru external smtp whenever there's an attachment. But if I send an e-mail without attachments, it's passing through.. any ideas? Thanks I solved similar problem (cca 1kb pf box sends widthout problem, larger not) like this 
 1. updated from 1.2 to 1.2.3 snapshot firmware (less out errors on via lan)
 2. Disable Hardware Checksum Offloading in pfbox and in all clients (realtek have this problem)
 Problematic pf box was VIA C3 micro atx solution (via lan onboard, and 2nd lan is rtl glan).
- 
 I'm having the exact same problem and none of the solutions so far have solved it. Here is my setup. [WAN] 
 |
 [Non PF router]
 | |
 [10.0.0.0/16] [PF Passive Firewall]
 |
 [DMZ - 172.16.0.0/16]If a client from the untrusted network [10.0.0.0/16] attempts to use the mail server, located in the DMZ, everything works fine UNLESS there is an attachment. If there is an attachment, smtp times out. A second client located in the DMZ can send out through the mail server fine with or without attachments. WAN clients can also send with and without attachments with no problems. Trying temporary PF rules allowing any/any from 10.0.0.0/16 to the mail server did not fix anything, but physically removing the PF firewall from the chain did. Any suggestions? No IP errors, turned off Hardware Checksum Offloading, turned on static route filtering, nothing has worked. -John 
- 
 You didn't mention whether you had verified the MTU. Does it depend on mail client (e.g. Outlook vs Thunderbird)? Does it depend on attachment size (e.g. does it happen with 100 byte attachments, 1k byte, 10k bytes) ? What is reported on client? on server? when the mail transfer fails. 
- 
 I forgot about the MTU. MTU setting is default, but I can't pass packets larger than 1472 bytes. Looking into the MTU issue more. Let me know if you have any suggestions. Thanks -edit- Problem only seems to occur with attachments bigger than around 30k. Happens regardless of platform, connection times out. 
- 
 If lan and wan interface same subnets (e.g:1.1.1.1/24) , problem is. 
 I could not find a solution ???
