Tuesday 12 January 2016

Tarpit for 'XX:XX:xx' due to 'DelayedAck',Delivered

The following message cropped up in the protocol logs for a receive connector (this was checked due to mail taking around 30 seconds to connect during the SMTP process!)

2015-12-14T17:01:41.664Z,IRIS\ExternalServer,08D304A743990E3E,24,10.0.2.40:25,10.0.2.24:1200,<,RCPT TO:<user@domain.com>,
2015-12-14T17:01:41.664Z,IRIS\ExternalServer,08D304A743990E3E,25,10.0.2.40:25,10.0.2.24:1200,>,250 2.1.5 Recipient OK,
2015-12-14T17:01:41.664Z,IRIS\ExternalServer,08D304A743990E3E,26,10.0.2.40:25,10.0.2.24:1200,<,DATA,
2015-12-14T17:01:41.664Z,IRIS\ExternalServer,08D304A743990E3E,27,10.0.2.40:25,10.0.2.24:1200,>,354 Start mail input; end with <CRLF>.<CRLF>,
2015-12-14T17:01:48.809Z,IRIS\ExternalServer,08D304A743990E3E,28,10.0.2.40:25,10.0.2.24:1200,*,Tarpit for '0.00:00:06.988' due to 'DelayedAck',Delivered

It turns out that this is a built-in / default feature (tarpit) that Microsoft applies to receive connectors to prevent spam - the maxacknowledgement is typically used as a protection mechanism to ensure that when receiving mail from non-exchange server that it is firstly delivered to the recipient before sending acknowledgment to the original sender / mail server.

To verify your existing settings issue:
Get-ReceiveConnector | select name,maxacknowledgementdelay,tarpitinterval 
To amend your current setting issue:
Set-receiveconnector "myrecieveconnector" -tarpitinterval 00:00:00
Set-receiveconnector "myrecieveconnector" -maxacknowledgementdelay 0

2 comments:

  1. syntax is slightly off, should be
    Get-ReceiveConnector | select name,maxacknowledgementdelay,tarpitinterval

    ReplyDelete