cancel
Showing results for 
Search instead for 
Did you mean: 

Connection timed out with smtp.ntlworld.com

Rawcous
Tuning in

Hello,

I have been running my small domestic private domain servers for over 10 years now. I suddenly realised today that I am currently unable to send emails via smtp.ntlworld.com from my home location. In fact it seems that this has been the case for a few weeks now. I can however receive emails for my domain without any problems. When trying to send emails I receieve the message "Connection timed out with smtp.ntlworld.com"

I had issues last year with sending emails with DKIM / DMARC authentication which a couple of guys on this forum thankfully proved to be an issue with the Virgin Media settings on my account.

Any ideas / any more information needed from me?

Regards,

Rawcous

Proud owner of self-hosted:

Domain Mail & Web Server (Sendmail / Dovecot & Apache) - CentOS 8
Domain FTP & VPN Server (PureFTP & OpenVPN) - CentOS 8

I despise what I have become - I have become what I despise! - Rawcous - Circa. 2014
1 ACCEPTED SOLUTION

Accepted Solutions

ravenstar68
Very Insightful Person
Very Insightful Person

@Rawcous 

It looks as if VM have modified where the IMAP/POP3 SMTP gateways are.

C:\Users\timdu>dig smtp.virginmedia.com

; <<>> DiG 9.16.16 <<>> smtp.virginmedia.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52303
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;smtp.virginmedia.com. IN A

;; ANSWER SECTION:
smtp.virginmedia.com. 300 IN CNAME mail-virginmedia-com.tb.ukmail.iss.as9143.net.
mail-virginmedia-com.tb.ukmail.iss.as9143.net. 916 IN A 212.54.56.51

;; Query time: 32 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Thu Jul 01 20:17:23 GMT Summer Time 2021
;; MSG SIZE rcvd: 124

It looks as if they've taken the old Knowsley servers out of the system and have the whole lot based in the Netherlands now.

That would be why your changes blocked them out..

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

See where this Helpful Answer was posted

14 REPLIES 14

ravenstar68
Very Insightful Person
Very Insightful Person

What devices are you using to send?

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Good morning,

This is the insomniac in me reading and replying to emails at this time of morning...

Thanks for the reply - this is when sending using my own domain as I have done for the last 10+ years. I can still receive emails (I received notification to indicate there was a reply to my post), my website / ftp server / vpn server for my domain all still work. I would say looking at the emails I have sent it started on or after 12th June.

I can ping which gives:

Pinging mail-ntlworld-com.tb.ukmail.iss.as9143.net [212.54.56.52] with 32 bytes of data:
Reply from 212.54.56.52: bytes=32 time=24ms TTL=246
Reply from 212.54.56.52: bytes=32 time=24ms TTL=246
Reply from 212.54.56.52: bytes=32 time=25ms TTL=246
Reply from 212.54.56.52: bytes=32 time=23ms TTL=246

Ping statistics for 212.54.56.52:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 25ms, Average = 24ms

A tracert to smtp.ntlworld.com gives the following:

Tracing route to mail-ntlworld-com.tb.ukmail.iss.as9143.net [212.54.56.52]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms RAW01 [192.168.1.1]
2 * * * Request timed out.
3 11 ms 10 ms 8 ms glfd-core-2b-xe-101-0.network.virginmedia.net [62.254.207.149]
4 * * * Request timed out.
5 12 ms 10 ms 10 ms m686-mp2.cvx1-b.lis.dial.ntli.net [62.254.42.174]
6 * * * Request timed out.
7 * 20 ms 19 ms us-nyc03a-rd1-xe-0-0-2-8.aorta.net [84.116.137.57]
8 21 ms 21 ms 21 ms asd-rc0001-cr101-be60-2.core.as33915.net [213.51.64.5]
9 23 ms 23 ms 22 ms tb-rc0001-cr101-et2-10.core.as9143.net [213.51.158.11]
10 26 ms 22 ms 20 ms tb-rc0001-cr103-ae25-0.core.as9143.net [213.51.160.183]
11 23 ms 21 ms 22 ms 213.51.128.12
12 23 ms 23 ms 22 ms mail-ntlworld-com.tb.ukmail.iss.as9143.net [212.54.56.52]

Trace complete.

So there is a connection to smtp.ntlworld.com

Regards,

Rawcous

Proud owner of self-hosted:

Domain Mail & Web Server (Sendmail / Dovecot & Apache) - CentOS 8
Domain FTP & VPN Server (PureFTP & OpenVPN) - CentOS 8

I despise what I have become - I have become what I despise! - Rawcous - Circa. 2014

ravenstar68
Very Insightful Person
Very Insightful Person

My first thought is that you shouldn't be using smtp.ntlworld.com anymore.

Rather you should be using smtp.virginmedia.com on port 465 SSL/TLS (NOT StartTLS) along with user authentication.  With your username as your FULL email address.

However are you able to run the following test from your linux machine?

curl -v smtps://smtp.virginmedia.com/ -u <full-email-address>:<password> 2>&1 | grep '235\|VM'

If it works you should see something like this:

 

$ curl -v smtps://smtp.virginmedia.com/ -u <my-email-address>:<my-password> 2>&1 | grep '235\|VM'

< 235 2.7.0 ... authentication succeeded

 

Obviously replace <full-email-address> and <password> with the relevant information.

Tim

P.S.  I guess I'm not the only insomniac then.

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Fellow Insomniac,

Running the curl command eventually gives me a null result.

I am using smtp.ntlworld.com w/o authentication as I am using mutliple personal domain accounts, on a virginmedia connection therefore relaying via smtp.ntlworld.com w/o specifying any particular credentials should not be a problem. DKIM / DMARC / SPF all verify successfully.

I have just dicovered the following via Spamhaus where it lists my IP - this indicates VirginMedia themselves need to remove me from their block list: https://check.spamhaus.org/listed/?searchterm={MyIPAddress}

Rawcous_0-1625024423747.png

Rawcous_1-1625024539682.png

 

 

Regards,

Rawcous

Proud owner of self-hosted:

Domain Mail & Web Server (Sendmail / Dovecot & Apache) - CentOS 8
Domain FTP & VPN Server (PureFTP & OpenVPN) - CentOS 8

I despise what I have become - I have become what I despise! - Rawcous - Circa. 2014

ravenstar68
Very Insightful Person
Very Insightful Person

IGNORE THE PBL ENTRY!!!! - All residential IP addresses that are allocated via DHCP ARE MEANT TO BE THERE!!  Virgin Media will not assist in removing your IP from the PBL or SORBS DUHL (which is the same thing run by a different blacklist provider)...

I make no apologies for shouting here.  Seriously if you run your own email domain then you really need to learn a bit more about blacklists.  It's SBL and XBL entries you should be worried about, and if you're on them, you need to take action to remove the cause of the listing before going about delisting your IP

Furthermore my personal recommendation is that if you are running multiple domains then perhaps it's time to bite the bullet and hire a VPS and set up your own email server using a suite such as Mail In a Box.  It's what I use, and apart from having to jump through hoops to get Microsoft to accept my domains mail, I've not looked back.

Rant over.

VM haven't recommended the use of smtp.ntlworld.com or the other 3 legacy servers for some years now.  It's possible to amend your postfix or exim setup to relay through smtp.virginmedia.com with username authentication, and taking steps to do so would future proof your setup against any eventual sunsetting of the legacy servers.

That said if you can't reach smtp.virginmedia.com as well then you may be falling foul of some ACL or something at Virgin Media's end.  Certainly if you are sending using multiple domains without authentication then you may have attracted the attention of VM's security department.  Certainly we've seen evidence of spammers abusing the legacy servers - NOTE I'M NOT ACCUSING YOU HERE - which means VM may be taking a more pro-active stance to close down this loophole in their security.

We'd need the Forum Team to take a look.

Tim

P.S.  The curl command should definitely have worked.  The output in my previous post was a fresh one, so the server is definitely running.

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Wow -- that was some rant.

My mistake with my terminologly - when I stated "I am using mutliple personal domain accounts" that was a poor explanation - I simply meant that I run my single personal domain with multiple email accounts / mailboxes - therefore as for being a spammer as per previous comments - not a chance.

As my smtp server I am using Sendmail. If relaying is done via smtp.virginmwedia.com with username authentication is that using the credentials used to simply log into my virginmedia account?

Regards,

Proud owner of self-hosted:

Domain Mail & Web Server (Sendmail / Dovecot & Apache) - CentOS 8
Domain FTP & VPN Server (PureFTP & OpenVPN) - CentOS 8

I despise what I have become - I have become what I despise! - Rawcous - Circa. 2014

ravenstar68
Very Insightful Person
Very Insightful Person

Sorry about the rant but I get quite passionate when it comes to the subject of blacklists.

Blacklists aren't designed to protect submiission servers like smtp.ntlworld.com, smtp.virginmedia.com etc, (although VM do use the CSS element of Spamhaus' SBL to do so - regardless of Spamhaus' recommendations).  They are designed to protect delivery to mail exchangers - The part of the mail system that receives inbound mail for a domain.

Personally I've never looked back since setting up an Ubuntu VPS and setting up Mail in a Box.

The hardest part was setting up SSH so it did not take password logins, and I've recently hardened it still further so it will only accept SSH connections from my home IP address.  It's certainly a lot better than having to relay outbound mail via VM's servers.

The only drawback is that it's designed to be idiot proof - which is why it's good for me 😋.  So it handles most of the configuration and any user customisations get overridden the next time it's updated.

Here's the main page - https://mailinabox.email/

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Thanks for the info: concerning "Mail In A Box" - unfortunatley it's not the solution for me as I like to physical host my own servers at home (alongside my FTP, VPN and Web Servers which all run without issue) - for me perhaps a sense of pride.

Any pointers as to where I can potentially go next?

Regards,

Proud owner of self-hosted:

Domain Mail & Web Server (Sendmail / Dovecot & Apache) - CentOS 8
Domain FTP & VPN Server (PureFTP & OpenVPN) - CentOS 8

I despise what I have become - I have become what I despise! - Rawcous - Circa. 2014

ravenstar68
Very Insightful Person
Very Insightful Person

We need the VM forum team to take a look.  Sit tight and they'll get to this thread.

Tim

P.S.  If you really want to self host, then a business connection is better with static IP addresses.  Remember although VM's IP addresses are very sticky, they're still allocated via DHCP which means that they can change.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks