Experiencing connection failures? Check our Status Page for the current state of all Twilio SendGrid Services.
When you send mail to our servers, you may encounter situations where mail may fail to connect or intermittently fail to connect to our servers. There can be many reasons for connection failures. This guide covers the following topics for diagnosing and resolving your issues:
Verify SendGrid application requirements
- Ensure that you are using TLS 1.2 or higher to connect to our servers. Any TLS connections lower than TLS 1.2 will be dropped and are not logged by our systems. Reference the following documentation to ensure your Email program uses TLS 1.2 or higher: https://docs.sendgrid.com/for-developers/sending-email/support-for-tls-12
- Ensure that any Twilio SendGrid helper libraries that are being used for your email application have been updated to the latest version by checking the following URL https://github.com/sendgrid/.
-
Ensure that there is no firewall that may be blocking your ability to connect to IPs behind api.sendgrid.com
- We do not recommend hard-coding IPs into your firewall rules. If you have done so, we would recommend removing those IPs and allow listing api.sendgrid.com
Error messages
There maybe occasions where customers may experience connection failures to our servers.
Those connection failures usually occur before reaching our servers and wouldn't be logged in our server logs.
Connection errors can be caused by blocks from firewalls, proxy servers, threat detection software, other network devices that maybe blocking the IP address and/or ports.
Some examples of connection errors (not an all-inclusive list) that maybe returned by the client application logs are the following:
- api.sendgrid.com -port 443 WARNING: TCP connect to (44.233.221.190 : 443) failed WARNING: TCP connect to (54.213.76.12 : 443) failed WARNING: TCP connect to (167.89.118.59 : 443) failed WARNING: TCP connect to (167.89.118.54 : 443) failed WARNING: TCP connect to (167.89.118.114 : 443) failed WARNING: Ping to 44.233.221.190 failed with status: TimedOut WARNING: Ping to 54.213.76.12 failed with status: TimedOut ComputerName : api.sendgrid.com RemoteAddress : 167.89.118.59 RemotePort : 443
- System.Net.Http.HttpRequestException: An error occurred while sending the request.---> System.IO.IOException: The response ended prematurely. at System.Net.Http.HttpConnection.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
- System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.IO.IOException: Unable to read data from the transport connection
- System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
How to resolve:
It is recommended that network administrators run a network packet trace such as wireshark.org or PCAP trace and review these traces to isolate the connections issues.
Twilio SendGrid has geopods where the IP addresses can be added or removed from those geopods at any time for maintenance, load adjustments, etc.
We recommend that customers allow list the hostname api.sendgrid.com on firewalls or other network devices.
If this is not possible, as some devices might require the IP address, a workaround can be used to query the IP addresses used for api.sendgrid.com using the following command:
dig a api.sendgrid.com
The output would be similar to this output, however, the IP addresses in this output are dynamic and will change over time.
;ANSWER SECTION:
api.sendgrid.com. 53 IN A 18.220.114.82
api.sendgrid.com. 53 IN A 52.203.156.195
api.sendgrid.com. 53 IN A 52.205.106.236
api.sendgrid.com. 53 IN A 54.90.52.143
api.sendgrid.com. 53 IN A 54.90.121.51
api.sendgrid.com. 53 IN A 54.163.95.120
api.sendgrid.com. 53 IN A 3.12.80.28
api.sendgrid.com. 53 IN A 3.82.73.119
api.sendgrid.com. 53 IN A 3.134.161.226
api.sendgrid.com. 53 IN A 13.59.15.95
api.sendgrid.com. 53 IN A 18.119.55.88
api.sendgrid.com. 53 IN A 18.216.66.23
Network administrators can then use a cron job to query the dig command every 10 or 15 minutes to obtain the IP addresses used currently.
Network administrators would be responsible for managing the data in their manual IP group for their network devices when connecting to our servers.