Sending email with attachments problem
- 
 This is a wild guess. You may have a problem similar to one I saw at a friend's house. They have an ADSL modem/router/wireless-AP box. There is a MAC directly connected to the ADSL modem and a PC wirelessly connected to the ADSL modem. 
 The MAC could successfully send any emails, the PC could only send email's without attachments and the error reported was something like what you reported. On investigation I found that larger packets were not getting through on the wireless link.You may have a configuration problem such that larger packets are not getting to your mail server (hence emails with attachments have problems) but shorter packets do (hence emails without attachments get through successfully). Have you tweaked MTU settings somewhere on your network? (Unless you have special reason to change them, you should leave MTU setting in pfSense at the default values.) Since you don't have problems when the PC is directly connected to the router but do when the pfSense is between the router and it would seem likely the problem is in the pfSense box BUT your router may have multiple ports and when you tested with the PC directly connected to the router you may not have used the same router port in all your tests. To check if there is an MTU size problem, from your PC ping the router with packets of various sizes from 1500 down. If that works try to ping your external email server (the SMTP server) with packets of varying sizes from 1500 down. On a windows PC, from command prompt, the command _ping -l <size><destination></destination></size>_e.g. ping -l 1500 myrouter (that's -l, lower case L) does the job. You may have to tweak firewall rules for the ping to work. 
- 
 Ah great, yes I remember changing the values of the MTU. Let me have it set to default again and try to send the e-mail. Yes, what happened to your friend is exactly the same thing that is happening to me. I can also send e-mails without attachments. Let me try it when I get to the office and will keep you updated :) Thank you very much, that is really a huge piece of advise. 
- 
 Just tried what you advised, unfortunately it still didn't worked. I've tried to ping my smtp server down to 1272 (1273 - 1500 just gives me a request timed out) and was hoping that it's going to work. :( unfortunately it still didn't. My last resort is to reset to default config and reconfigure the packages again. Though I'm still not sure if it's going to work with default config but still worth a try. Thanks again. 
- 
 Just tried what you advised, unfortunately it still didn't worked. I suggested a few things. Did you try only the suggestion you reported on? If not, what was the outcome of your attempts on the other suggestions? Did you check MTU in the router? From my pfSense box I can ping internet boxes and get replies with a size of 1478. If you can get only 1272 between your PC and SMTP server I suspect you have a mismatch between your PC's expectation and what is actually available on the network. 
- 
 will try all your suggestions and will give you a feedback. edit: I thought I got it resolved… I just noticed the pc i was using was having the ip of the router as its gateway, hence, the data was not passing thru pfsense. 
- 
 Hang on, do you have the WAN and LAN interfaces of the pfSense host on the same subnet? 
- 
 I had a similar problem. My net look like this: world (adsl) world(another adsl) client (172.16.2.250) | | |_____________________ pfsense (172.16.2.244)_____other router (172.16.2.245) | DMZ (192.16.1.x)And this is my static route table | Interface | Network | Gateway | Description | 
 | LAN | 192.168.1.0/24 | 172.16.2.245 | lan -> dmz |The smtp server is in the dmz (192.168.1.18), and I can send mails, but I can't with attachments. 
 This is the traceroute from any client:C:\Documents and Settings\win>tracert 192.168.1.18 Traza a la dirección 192.168.1.18 [192.168.1.18] sobre un máximo de 30 saltos: 1 <1 ms <1 ms <1 ms 172.16.2.244 2 2 ms <1 ms <1 ms 172.16.2.245 3 1 ms <1 ms <1 ms 192.168.1.18 [192.168.1.18] Traza completa.firewall -> filter: 
 Default LAN -> any
 But I still can't send mail with attachments. Then I found this option (system->advanced)
 Static route filtering Bypass firewall rules for traffic on the same interface
 This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where multiple subnets are connected to the same interface.Seems to work for me. ps: sorry for my tarzan-like "english" 
- 
 We were seeing the exact same symptom (can't send via SMTP with attachments) and it turned out to be a faulty NIC in our pfSense box. Go to status/interfaces and make sure that your WAN (LAN too for that matter) interfaces show zero I/O errors (0/0). If you see errors, I would try moving or replacing the interface. If you move and you're still seeing errors, it would be on your ADSL box side. You'll have to deal with your ISP if that's the case. Good luck. 
- 
 I'm having some problems sending e-mails thru external smtp whenever there's an attachment. But if I send an e-mail without attachments, it's passing through.. any ideas? Thanks I solved similar problem (cca 1kb pf box sends widthout problem, larger not) like this 
 1. updated from 1.2 to 1.2.3 snapshot firmware (less out errors on via lan)
 2. Disable Hardware Checksum Offloading in pfbox and in all clients (realtek have this problem)
 Problematic pf box was VIA C3 micro atx solution (via lan onboard, and 2nd lan is rtl glan).
- 
 I'm having the exact same problem and none of the solutions so far have solved it. Here is my setup. [WAN] 
 |
 [Non PF router]
 | |
 [10.0.0.0/16] [PF Passive Firewall]
 |
 [DMZ - 172.16.0.0/16]If a client from the untrusted network [10.0.0.0/16] attempts to use the mail server, located in the DMZ, everything works fine UNLESS there is an attachment. If there is an attachment, smtp times out. A second client located in the DMZ can send out through the mail server fine with or without attachments. WAN clients can also send with and without attachments with no problems. Trying temporary PF rules allowing any/any from 10.0.0.0/16 to the mail server did not fix anything, but physically removing the PF firewall from the chain did. Any suggestions? No IP errors, turned off Hardware Checksum Offloading, turned on static route filtering, nothing has worked. -John 
- 
 You didn't mention whether you had verified the MTU. Does it depend on mail client (e.g. Outlook vs Thunderbird)? Does it depend on attachment size (e.g. does it happen with 100 byte attachments, 1k byte, 10k bytes) ? What is reported on client? on server? when the mail transfer fails. 
- 
 I forgot about the MTU. MTU setting is default, but I can't pass packets larger than 1472 bytes. Looking into the MTU issue more. Let me know if you have any suggestions. Thanks -edit- Problem only seems to occur with attachments bigger than around 30k. Happens regardless of platform, connection times out. 
- 
 If lan and wan interface same subnets (e.g:1.1.1.1/24) , problem is. 
 I could not find a solution ???
