2019-09-20 - hschneider, Admin
Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.
Printable Version of Topic
Click here to view this topic in its original format |
XMail Forum > Documentation and Knowledge Base > ASSP SMTP Auth Problem after Upgrade to 1.24 |
Posted by: Andy Aug 4 2007, 12:08 PM |
I have a weird problem - I have tried to upgrade from 2.22 to 2.24 (just by placing new files in the bin directory) mostly seems to work except for users authenticating and sending mail. I use assp infront of xmail and this just gives a connection timeout error. I have put 2.22 back and that works fine. I have tried manual telnet and sent mail to a local user ok Users can POP ok. I have run xmail in debug mode and this shows nothing except open smtp connection and then close smtp connection The logs don't have an entry for these transactions. I am stumped and all I can think of is its a problem with authenticating? Can anyone suggest how I can find the problem? Thanks Andy. |
Posted by: Andy Aug 5 2007, 05:37 PM |
After doing more tests it would appear that there is a problem between assp and ver 2.24 of xmail. If I connect my email client directly to port 225 the email is sent fine but if I use port 25 and go through assp nothing appears to happen and I get a timeout error. I have now duplicated this on a test machine - very weird all works fine with ver 2.22 but as soon as I use 2.24 I can't send email - still guessing it is something to do with authentication as I can manually telnet to port 25 and send a local email. I don't know how to telnet and authenticate so I can't test that. I am stuck - I don't know how to find the problem. Is anyone else using assp with this version? Andy. |
Posted by: hschneider Aug 5 2007, 08:13 PM |
Use a mail client (e.g. Thunderbird) to send a test mail with authentication. Any errors ? |
Posted by: Andy Aug 5 2007, 09:06 PM |
I have tried with outlook and outlook express - it fails Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. The error tells me nothing of what is actually happening. I know it is something to do with the new version - I can put the old version back it works fine. Thanks Andy. |
Posted by: Andy Aug 5 2007, 09:17 PM |
I am even more stumped - I have done a manual telnet session where I authenticate as well and it works fine? It just appears that the email clients have the problem - i am totally confused! Is there anyway to monitor the actually smtp communication? I have tried the pre-release of 2.25 as well - same problem. ASSP shows the SMTP connection but no details - not even the helo response - so it doesn't look like it does anything except open the connection?? Interesting - I have a message in my outbox that I have been trying to send but getting timeout error, but if I then go into the properties and turn off the option that says "my outgoing server requires authentication" I then get the expected error relaying not allowed - but the relaying error will come from assp not xmail so it must be a problem with assp and xmail communicating? Andy. |
Posted by: hschneider Aug 6 2007, 06:34 AM |
Solve the problem with the regular mail client, then the prob with ASSP will be solved too. You can monitor a SMTP session with e.g. Wireshark: http://wireshark.org/ Pls post your server.tab |
Posted by: Andy Aug 6 2007, 08:11 AM |
I will download wireshark I have the following command line parameters (normally with a public ip but on my test system I have changed them to 127.0.0.1) -ci 127.0.0.1 -fi 127.0.0.1 -SI 127.0.0.1:225 -pi 127.0.0.1 -Mr 24 -Pl -Sl -Ql -Yl -Fl -Ll -Qg server tab # # Example configuration file. # Note : remember to use _REAL_ TABs and " to format this file # "RootDomain" "xxx.co.uk" "POP3Domain" "xxx.co.uk" "HeloDomain" "mail.xxx.co.uk" "PostMaster" "postmaster@xxx.co.uk" "ErrorsAdmin" "postmaster@xxx.co.uk" "SmtpServerDomain" "mail.xxx.co.uk" #"TempErrorsAdmin" "send-failures@xmailserver.test" #"DefaultSMTPGateways" "192.168.1.2,192.168.1.15" "RemoveSpoolErrors" "1" #"DisableEmitAuthUser" "1" #"NotifyMsgLine***tra" "8" #"NotifySendLogToSender" "0" #"NotifyTryPattern" "1" "MaxMTAOps" "16" "ReceivedHdrType" "0" "FetchHdrTags" "+X-Deliver-To,+Received,To,Cc" #"CustomSMTPMessage" "Please open http://www.xmailserver.test/smtp_errors.html to get more informations about this error" #"MaxMessageSize" "20000" "EnableAuthSMTP-POP3" "0" #"Pop3SyncErrorAccount" "psync-errors@xmailserver.test" #"AllowNullSender" "1" #"AllowSmtpVRFY" "1" #"AllowSmtpETRN" "1" #"SmtpMinDiskSpace" "100000" #"SmtpMinVirtMemSpace" "64000" #"Pop3MinVirtMemSpace" "64000" #"CustMapsList" "sbl-xbl.spamhaus.org.:0,bl.spamcop.net.:0" #"SMTP-RDNSCheck" "1" #"CheckMailerDomain" "1" #"SmartDNSHost" "dns.home.bogus.net:tcp,192.168.1.1:udp" #"DynDnsSetup" "www.dns4ever.com,80,/sys/u.cgi?d=MYDOMAIN&u=MYUSERNAME&p=MYPASSWORD&i=%s" #"DynDnsSetup" "members.dyndns.org,80,/nic/dyndns?action=edit&started=1&hostname=YES&host_id=yourhost.ourdomain.ext&myip=% s&wildcard=OFF&mx=mail.exchanger.ext&backmx=NO,foouser,foopasswd" #"SmtpConfig" "mail-auth" #"SmtpConfig-192.168.0.1" "mail-auth" "DefaultSmtpPerms" "MRVZ" #"SMTP-TLS" "0" |
Posted by: hschneider Aug 6 2007, 08:41 AM |
This looks OK. Additionally you should - Stop XMail - Delete all inside MailRoot/tabindex - Start XMail |
Posted by: Andy Aug 6 2007, 09:18 AM |
I have sniffed the conversations - first with 2.22 which works and then with 2.24 which doesn't I have no ideas - 2.24. just stops at the point where AUTH LOGIN should be sent - I still have to assume it is something to do with the assp proxy because it works fine if I point the client direct to port 225 but the only change is xmail 2.22 to 2.24??????? I can't be the only one with this problem? 2.22 220 <1186387304.5532@mail.xxx.co.uk> [XMail 1.22 ESMTP Server] service ready; Mon, 6 Aug 2007 09:01:44 +0100 EHLO ASUMMERS 250-xxx.co.uk 250-VRFY 250-ETRN 250-8BITMIME 250-AUTH LOGIN PLAIN CRAM-MD5 250 SIZE AUTH LOGIN 334 VXNlcm5hbWU6 YW5keUBzcGlkZXJ3ZWJzb2Z0d2FyZS5jby51aw== 334 UGFzc3dvcmQ6 TG90dGll 235 Authentication successful MAIL FROM: <andy@xxx.co.uk> 250 OK RCPT TO: <xxxx@xxxx.com> 250 OK DATA 354 Start mail input; end with <CRLF>.<CRLF> Message-ID: <B2A3E3ACCA2E418D9D9BB51DDEC4F292@zzz.local> From: "rtrettre" <andy@xxx.co.uk> To: <xxxx@xxxx.com> Subject: test Date: Mon, 6 Aug 2007 09:01:44 +0100 MIME-Version: 1.0 Content-Type: multipart/alternative; .boundary="----=_NextPart_000_000E_01C7D808.694D2570" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Windows Mail 6.0.6000.16480 X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6000.16480 This is a multi-part message in MIME format. ------=_NextPart_000_000E_01C7D808.694D2570 Content-Type: text/plain; .charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable test ------=_NextPart_000_000E_01C7D808.694D2570 Content-Type: text/html; .charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.6000.16481" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2>test</FONT></DIV></BODY></HTML> ------=_NextPart_000_000E_01C7D808.694D2570-- . 250 OK <SE357F> QUIT 221 [XMail 1.22 ESMTP Server] service closing transmission channel 2.24 220 mail.xxx.co.uk <1186387448.3084@mail.xxx.co.uk> [XMail 1.24 ESMTP Server] service ready; Mon, 6 Aug 2007 09:04:08 +0100 EHLO ASUMMERS 250-xxx.co.uk 250-VRFY 250-ETRN 250-8BITMIME 250-AUTH LOGIN PLAIN CRAM-MD5 250-SIZE |
Posted by: Andy Aug 6 2007, 09:41 AM |
Just a small difference - but could it be because 2.22 has "250 SIZE" and 2.24 has "250-SIZE"?? If you telnet directly to port 225 and do ehlo xxx you get 250-SIZE 250 STARTTLS but if you telnet to port 25 (assp) you just get 250-SIZE Is the client waiting for last line? Thanks Andy. |
Posted by: hschneider Aug 6 2007, 09:46 AM |
OK ... this shows definitely a client side (in this case ASSP) problem. XMail lists its protocol capabilites and waits for the client's next command which is not issued. Why not skipping SMTP AUTH for ASSP by entering "127.0.0.1" "255.255.255.0" in your smtprelay.tab ? |
Posted by: Andy Aug 6 2007, 09:56 AM |
I can't do that because assp doen't authenticate my users, I would be an open relay if I did that. I will have to see if I can figure out why assp misses the last command. Was a tricky issue to track down - Thanks for your help - its been invaluable! Would it be worth making this problem more obvious on the forum - there is bound to be others that come across it. Thanks again, Andy. |
Posted by: hschneider Aug 6 2007, 10:12 AM | ||
Seen this one ? http://assp.sourceforge.net/fom/cache/162.html
|
Posted by: Andy Aug 6 2007, 12:53 PM |
ASSP delibrately removes the starttls command because it doesn't support it. I have added a bug ticket to the project http://sourceforge.net/tracker/index.php?func=detail&aid=1768223&group_id=69172&atid=523647 I have modified the assp script - is only a workaround as my perl script is very dodgy but I think it will do the trick for now! |
Posted by: ndoeberlein Oct 15 2007, 04:26 PM |
Sorry to tap onto this late... You shouldn't need to modify the script as this is a client issue. You would have the mail clients use 995 (SSL-POP3) and 465 (SSL-SMTP) for your secure connections to XMail, and then 25 is for normal SMTP traffic. ASSP doesn't get involved except for port 25 traffic. |