Email with attachments >5MB blocked by ZyWall USG 20

edo42
edo42 Posts: 5
First Comment
edited April 2021 in Security
We've been experiencing an issue with our USG20.
Emails with attachments bigger than around 5MB cannot be sent from devices in the LAN.
Anti-Spam is disabled and was never used. Firmware is updated to the latest revision available.
Does someone have any clue on why this is happening or what we can tweak to fix the issue.
Removing the Zywall and connecting to the gateway directly with the PC fixes the issue. It's not a client config problem or a mail server problem.

All Replies

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @edo42
    Regarding to this case,
    can you disable the firewall and check it again?
    Please send me the configuration for check further. I will private message you later.
    Charlie
  • edo42
    edo42 Posts: 5
    First Comment
    Wrote you a PM. Problem is still there.
  • Blabababa
    Blabababa Posts: 151  Master Member
    First Anniversary Friend Collector First Answer First Comment
    Only >5MB will be dropped?? What kind of specific file formats that will be dropped?
  • edo42
    edo42 Posts: 5
    First Comment
    Small attachments go through fine. Attaching a 7MB PDF file does not work for example.
    It seems like the mail client starts sending the content and then the connection just times out after a minute or so.
    Removing the zyxel and connecting directly results in the mail getting sent fine in the matter of a few seconds.
  • PeterUK
    PeterUK Posts: 2,705  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited February 2019

    so do smaller PDF send ok?

    When sending Email is it done over SSL?

    Can you put the PDF in a ZIP and see if that sends fine.

    if you go to UTM profile > anti-virus and uncheck "Scan and detect EICAR test virus" does that help?


  • edo42
    edo42 Posts: 5
    First Comment
    Mail is sent to an IMAP server using SSL on port 587.
    Smaller files send ok, regardless of the type of file.
    I don't have a UTM Profile section, seen online what you're talking about.
    I only have a Anti-X section that contains ADP, Content Filter, Anti-Spam and DNS Inspection.
    Every option in those sections is disabled.
  • edo42
    edo42 Posts: 5
    First Comment
    Sending with SMTP from another mail account works fine with any attachment size.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @edo42,
    As I checked it locally, the attachment can be received without the issue.
    Therefore, can you do packet capture during the issue occur?
    I will private message you the details.
    Charlie

Security Highlight