Interpretting packet data

asked 2022-07-19 17:28:38 +0000

dave_w gravatar image


I hope I'm not off-topic. I am not an ethernet person and know very little. But I've used Wireshark a few times to find problems. My new problem is my mail server appears to be extremely slow in connecting to my client. There can be anywhere from 10 to 20 seconds for it to respond. Other servers such as Gmail are very fast. It's only my server.

I can see my client trying to talk to the server. Where the delay is, the client sends a TCP packet to the server at 13.07 (in this one example) but the server doesn't reply with an SMTP packet until 30.43. That's 17 seconds.

So my question is, can anyone point me to documents that I can study to determine what is in the raw packet data? I'd like to be able to identify the cause of the delay, and since my client works great with other servers I have to believe it is my server.

Thanks for any pointers.


edit retag flag offensive close merge delete


Possibly the mail server is performing a DNS lookup (or something else) on the connecting client and this is stalling the response from the server. The mail server logs would be the place to look for possible delays.

grahamb gravatar imagegrahamb ( 2022-07-20 18:26:18 +0000 )edit

Good advice. Thanks. I have to dig through the log files (many, and I don't know what they all have yet). I'll post again if/when I learn more.

Thanks again!

dave_w gravatar imagedave_w ( 2022-07-20 23:59:47 +0000 )edit

Hey grahamb, It's taken a couple weeks, but you helped me get this resolved. I was able to dig into the email logs on my server and they showed the delay. It did take a lot of back and forth with my domain hosting company because web mail didn't have the problem. It turned out that my IP address was not listed as a known good IP so a spam filter was adding the long delay. The hosting company eventually found it and listed my IP and that fixed it.

Thanks again!



dave_w gravatar imagedave_w ( 2022-08-08 00:21:38 +0000 )edit