none
451 4.7.0 Timeout waiting for client input

    Question

  • My organization is running Small Business Server 2008 with Exchange.  After installing Exchange users reported not reciveing emails from Comcast and a few other domains.  Looking at the logs, domains including gmail and comcast are unable to deliver email to our Exchange mailboxes.  They receive an error message like the following.

    Technical details of temporary failure:
    Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 451 451 4.7.0 Timeout waiting for client input (state 18).

    Other domains send just fine. Any ideas what is causing the 451 4.7.0 connection timeout error message?  The following is an example SMTPReceive log.

     



    2009-06-08T23:15:11.964Z,,+,,
    2009-06-08T23:15:11.964Z,,SMTPSubmit SMTPAcceptAnySender SMTPAcceptAuthoritativeDomainSender AcceptRoutingHeaders,Set Session Permissions
    2009-06-08T23:15:11.964Z,,"220 remote.domain.com Microsoft ESMTP MAIL Service ready at Mon, 8 Jun 2009 16:15:11 -0700",
    2009-06-08T23:15:12.027Z,,<,EHLO smtp3.mail.com,
    2009-06-08T23:15:12.027Z,,250-remote.domain.com Hello [123.12.123.123],
    2009-06-08T23:15:12.027Z,,250-SIZE 10485760,
    2009-06-08T23:15:12.027Z,,250-PIPELINING,
    2009-06-08T23:15:12.027Z,,>,250-DSN,
    2009-06-08T23:15:12.027Z,,>,250-ENHANCEDSTATUSCODES,
    2009-06-08T23:15:12.027Z,,>,250-STARTTLS,
    2009-06-08T23:15:12.027Z,,>,250-AUTH,
    2009-06-08T23:15:12.027Z,,>,250-8BITMIME,
    2009-06-08T23:15:12.027Z,,>,250-BINARYMIME,
    2009-06-08T23:15:12.027Z,,>,250 CHUNKING,
    2009-06-08T23:15:12.105Z,,<,STARTTLS,
    2009-06-08T23:15:12.105Z,,>,220 2.0.0 SMTP server ready,
    2009-06-08T23:15:12.105Z,,*,,Sending certificate
    2009-06-08T23:15:12.105Z,,*,CN=remote.domain.com,Certificate subject
    2009-06-08T23:15:12.105Z,,*,CN=ecf-DOMAINSERVER-CA,Certificate issuer name
    2009-06-08T23:15:12.105Z,,*,,Certificate serial number
    2009-06-08T23:15:12.105Z,DOMAIN\Windows SBS Internet Receive DOMAIN,,20,,*,,Certificate thumbprint
    2009-06-08T23:15:12.105Z,DOMAIN\Windows SBS Internet Receive DOMAIN,,21,,,*,remote.domain.com;domain.com;DOMAIN.local,Certificate alternate names
    2009-06-08T23:15:12.355Z,,EHLO smtp3.mail.com,
    2009-06-08T23:15:12.355Z,,250-remote.domain.com Hello [123.12.123.123],
    2009-06-08T23:15:12.355Z,,250-SIZE 10485760,
    2009-06-08T23:15:12.355Z,,250-PIPELINING,
    2009-06-08T23:15:12.355Z,,250-DSN,
    2009-06-08T23:15:12.355Z,,250-ENHANCEDSTATUSCODES,
    2009-06-08T23:15:12.355Z,,250-AUTH,
    2009-06-08T23:15:12.355Z,,250-8BITMIME,
    2009-06-08T23:15:12.355Z,,>,250-BINARYMIME,
    2009-06-08T23:15:12.355Z,,>,250 CHUNKING,
    2009-06-08T23:15:12.433Z,,<,MAIL From:<email@comcast.net> SIZE=52018,
    2009-06-08T23:15:12.433Z,DOMAIN\Windows SBS Internet Receive DOMAIN,,,,,,,receiving message
    2009-06-08T23:15:12.433Z,,250 2.1.0 Sender OK,
    2009-06-08T23:15:12.496Z,,RCPT To:<email@domain.com>,
    2009-06-08T23:15:12.496Z,,250 2.1.5 Recipient OK,
    2009-06-08T23:15:12.496Z,,DATA,
    2009-06-08T23:15:12.496Z,,354 Start mail input; end with <CRLF>.<CRLF>,
    2009-06-08T23:15:20.277Z,,451 4.7.0 Timeout waiting for client input,
    2009-06-08T23:15:20.277Z,,,Local
    2009-06-08T23:16:03.276Z,,451 4.7.0 Timeout waiting for client input,
    2009-06-08T23:16:03.276Z,,,Local

    Wednesday, June 10, 2009 5:32 PM

Answers

  • The issue was with the network.  The Qwest Actiontec M1000 DSL modem was dropping packets larger than 1464.  Using ping IP_address -f -l 1472, the computer would return request timed out.  I adjusted the MTU setting for the network card according to KB article 314825 and the SMTP 451 Timeout Waiting for Client Input no longer occurs. 

    http://support.microsoft.com/default.aspx/kb/314825



    • Marked as answer by Mercer09 Friday, June 19, 2009 10:21 PM
    Friday, June 19, 2009 10:21 PM

All replies

  • You should probably get a network trace -- ideally from a 3rd machine.  The third machine will need to be in promiscuous mode, and you'll either have to attach a hub, or replicate the switch port.

    In any case, I suspect the issue is either:
     - CRLF . CRLF not being sent
     - a networking issue of some sort that is preventing CRLF . CRLF from being received
     - CRLF . CRLF not being interpreted

    -Scott

    • Proposed as answer by Mike Shen Friday, June 12, 2009 7:53 AM
    Wednesday, June 10, 2009 6:31 PM
  • The issue was with the network.  The Qwest Actiontec M1000 DSL modem was dropping packets larger than 1464.  Using ping IP_address -f -l 1472, the computer would return request timed out.  I adjusted the MTU setting for the network card according to KB article 314825 and the SMTP 451 Timeout Waiting for Client Input no longer occurs. 

    http://support.microsoft.com/default.aspx/kb/314825



    • Marked as answer by Mercer09 Friday, June 19, 2009 10:21 PM
    Friday, June 19, 2009 10:21 PM
  • You are a legend Mercer09. It took me a couple of days to work this one out until i saw this post. Basically my client had to change their router and after doing so, they were only able to receive emails from some domains and not others. As soon as I added an MTU value into the registry and restarted the server, BANG! everything was back to normal.
    Monday, August 31, 2009 4:51 AM
  •  

    I had a similar issue with fortigate firewall. I could not able to resolve this issue with fortigate. Fortunately I had a Cisco PIX firewall in my stock. Eventhough it is not a best practise I have replaced the fortigate firewall with Cisco PIX mail flow started perfectly without any issues.

    If any fortigate experts are seeing this forum please suggest what has to be done for solving this issue.

     

    • Proposed as answer by IITMLB Tuesday, February 12, 2013 11:43 PM
    Monday, August 23, 2010 4:51 AM
  •  

    I had a similar issue with fortigate firewall. I could not able to resolve this issue with fortigate. Fortunately I had a Cisco PIX firewall in my stock. Eventhough it is not a best practise I have replaced the fortigate firewall with Cisco PIX mail flow started perfectly without any issues.

    If any fortigate experts are seeing this forum please suggest what has to be done for solving this issue.

     


    I have escalated this case to fortigate and they resolved the issue by executing the following commands on the fortigate firewall.

    set tcp-mss-sender1452
    set tcp-mss-receiver1452

     


    Santhosh Sivaraman MCITP: Microsoft Exchange Server 2007/2010 | MCSE/MCSA
    Tuesday, October 05, 2010 6:08 AM
  • I am receiving emails from all domain but problem with only one Domain. When I checked logs on edge server I found same error for one domain “451 4.7.0 Timeout waiting for client input”

    I have done lot of search but all says this is network device issue, but as my concern I am receiving email from worldwide except one domain.

    Please let me know if this is network issue or do I need to check something in receive connector? We are using FPE as an email Gateway

    Wednesday, March 26, 2014 4:42 AM
  • right now, i am having this kind of issue, but my case, edge server unable to receive mails with more than 4 MB attachment mail. i checked with SMTPRECEIVE log and found 

      21724 times of -- 421 4.4.1 Connection timed out           
     1816 times of -- 451 4.7.0 Timeout waiting for client input 

    kesav


    • Edited by RK7L Wednesday, July 09, 2014 6:09 AM correction
    Wednesday, July 09, 2014 6:07 AM
  • Just posting to say a big thank you Mercer09, after hours of troubleshoting i just adjusted the MTU on my firewall on the WAN side (from 1500 to 1460 - this value came up after doing many ping tests) and ALL the e-mails now are arriving w/o problems.

    Thank You so much!
    Cheers

    Luca

    Wednesday, September 21, 2016 3:23 PM
  • I have an Exchange server 2013 configured to use a  smart host to appriver spam filtering . this problem has been happening over 1 year and it is random . Some E-mails are getting stuck in the queue . on the wireshark side i have the following error :

    1. Response: 451 4.7.0 Timeout for client input
    2. Response Code: Requested action aborted: local error in processing(451)
    3.  Response parameter: 4.7.0 Timeout waiting for client input

    on the appriver side : 

    10:20:37.798 4 SMTP-109365(servername:25) rsp: 250 2.1.5 Recipient OK 10:20:37.798 4 SMTP-109365(servername:25) cmd: DATA 10:20:37.844 4

    SMTP-109365(servername:25) rsp: 354 Start mail input; end with <CRLF>.<CRLF> 10:20:56.939 3 SMTP-109365(servername:25) read failed. Error Code=connection reset by peer

    i can ping from the exchange to outside with the MTU set in the ping to 1472. any help would be greatly appreciated. 

    Thank You Everyone !




    • Edited by Elieraad Friday, April 21, 2017 4:17 PM
    Friday, April 21, 2017 1:26 PM