Since several months I have sporadic problems when I send emails.
With tcpdump I finally found out that I'm getting "Port unreachable" messages from what seems to be my email provider, according to the source IP. But my email provider says they cannot find a problem in their network and say it must be in my network. To exclude problems from the firewall I setup port mirroring and captured the packets on the port connected to my cable modem which is operating as a bridge.
I did a lot of troubleshooting already. I see:
- the errors happen both when I send from my Android phone on Wi-Fi or from Thunderbird on my wired PC.
- the errors happen when I send to the email-provider to SMTP port 465 or 587
- it's not happening always; after some tries finally the mail gets send; or it is sent at the first try
- I just saw that I'm also getting "Port Unreachable" sent by my DNS resolver to the forwarding DNS Server (1.1.1.1, 1.0.0.1) when receiving DNS responses. I guess this is unrelated to the email problem, but who knows?
Here is one example of the ICMP error I'm getting.
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (Port unreachable)
Checksum: 0x8c59 [correct]
[Checksum Status: Good]
Unused: 00000000
Internet Protocol Version 4, Src: <my-ip>, Dst: <smtp-server-ip>
Transmission Control Protocol, Src Port: 48624, Dst Port: 587, Seq: 3998125229
Source Port: 48624
Destination Port: 587
Sequence number: 3998125229
[Stream index: 0]
Acknowledgment number: 0
Acknowledgment number (raw): 0
1010 .... = Header Length: 40 bytes (10)
Flags: 0x002 (SYN)
Window size value: 29200
[Calculated window size: 29200]
Checksum: 0x3680 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
[Timestamps]
What can go wrong here, and at which part of the network? Is it plausible, that the problem is neither in my network nor in the email provider's network?
