TCP Retransmissions - SMTP using TLS

asked 2021-08-25 12:28:12 +0000

just2cool gravatar image

updated 2021-08-25 13:08:42 +0000

grahamb gravatar image

anyone know possible causes after tls 1.2 change it reports retransmission and file does go out- this is with an external email relay?

A text dump of the traffic:

16246  2018-08-05 17:53:44.634509  10.88.222.194  91.429.42.299  TCP        66  58429 → 25 [SYN, ECN, CWR] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
16247  2018-08-05 17:53:44.643647  91.429.42.299  10.88.222.194  TCP        66  25 → 58429 [SYN, ACK, ECN] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=512
16248  2018-08-05 17:53:44.643685  10.88.222.194  91.429.42.299  TCP        54  58429 → 25 [ACK] Seq=1 Ack=1 Win=262656 Len=0
16249  2018-08-05 17:53:44.653433  91.429.42.299  10.88.222.194  SMTP      121  S: 220 eu-smtp-1.media.com ESMTP; Mon, 23 Aug 2021 18:53:36 +0100
16250  2018-08-05 17:53:44.653495  10.88.222.194  91.429.42.299  SMTP       76  C: EHLO [10.57.254.194]
16254  2018-08-05 17:53:44.662233  91.429.42.299  10.88.222.194  TCP        60  25 → 58429 [ACK] Seq=68 Ack=23 Win=29696 Len=0
16255  2018-08-05 17:53:44.662251  91.429.42.299  10.88.222.194  SMTP      150  S: 250-eu-smtp-1.media.com Hello [212.219.240.8] | AUTH PLAIN LOGIN | STARTTLS | HELP
16256  2018-08-05 17:53:44.662306  10.88.222.194  91.429.42.299  SMTP       64  C: STARTTLS
16257  2018-08-05 17:53:44.671116  91.429.42.299  10.88.222.194  SMTP      102  S: 220 Starting TLS [97eg9r4sO8GPfKR_153R9g.uk11]
16258  2018-08-05 17:53:44.671790  10.88.222.194  91.429.42.299  TLSv1.2   292  Client Hello
16260  2018-08-05 17:53:44.682209  91.429.42.299  10.88.222.194  TLSv1.2   144  Server Hello
16261  2018-08-05 17:53:44.682241  91.429.42.299  10.88.222.194  TCP      1514  25 → 58429 [ACK] Seq=302 Ack=271 Win=30720 Len=1460 [TCP segment of a reassembled PDU]
16262  2018-08-05 17:53:44.682256  10.88.222.194  91.429.42.299  TCP        54  58429 → 25 [ACK] Seq=271 Ack=1762 Win=262656 Len=0
16263  2018-08-05 17:53:44.684164  91.429.42.299  10.88.222.194  TLSv1.2  1514  Certificate [TCP segment of a reassembled PDU]
16266  2018-08-05 17:53:44.691546  91.429.42.299  10.88.222.194  TLSv1.2   340  Server Key Exchange, Server Hello Done
16267  2018-08-05 17:53:44.691574  10.88.222.194  91.429.42.299  TCP        54  58429 → 25 [ACK] Seq=271 Ack=3508 Win=262656 Len=0
16270  2018-08-05 17:53:44.693367  10.88.222.194  91.429.42.299  TLSv1.2   180  Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
16273  2018-08-05 17:53:44.704106  91.429.42.299  10.88.222.194  TLSv1.2    60  Change Cipher Spec
16277  2018-08-05 17:53:44.765135  10.88 ...
(more)
edit retag flag offensive close merge delete
add a comment