Overview

When sending emails to external domains (eg: Hotmail, Gmail, etc.) from Kerio Connect email, the Kerio Connect server's IP address is blacklisted by them due to higher SMTP traffic originating from the Kerio Connect server. This results in Kerio Connect users not being able to send emails to users with email addresses belonging to those domains.

Solution

Kerio Connect Administration interface access is required for the below steps:

1. Verify that the Kerio Connect server is secured as per the mentioned steps in the Securing the Kerio Connect SMTP Server article.
2. Go to Status > Traffic Charts and check the traffic information related to SMTP for the time period when higher traffic was seen:

2. Check the security logs under Logs > Security to see if there are numerous SMTP authentication attempts/failures.
3. If there are other services running on the same Kerio Connect server, then, verify that they are not the source of any unusual traffic initiating from this server.
4. If there are any other servers reaching the internet from the same blacklisted IP address, then verify from the appropriate Firewall logs that they are not causing any high traffic.

After checking and fixing (as needed) all the above, if there's still high traffic reported by the email provider, then, you can open a Support ticket with us with the below information:

1. Firewall logs from the Kerio Connect server. This will vary as per the firewall setup in your environment.
2. The output of netstat -vanp tcp command on a terminal window of the Kerio Connect server to view the existing TCP connections and corresponding service process IDs (PIDs).
3. If this command shows that there are many connections on SMTP ports to the email provider's servers' IP addresses, then you can use the ps (Linux/macOS) or tasklist (Windows) command, to view the service name of the PID so that we can identify the service which is using the corresponding connection.
4. Other Kerio Connect logs.