Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Relay problem

  1. #11
    Bill Brock is offline Outstanding Member
    Join Date
    May 2007
    Location
    Oklahoma
    Posts
    703
    Rep Power
    8

    Default

    You need to figure out how to have your PDA work like a mail client where it will produce a login request.

    Otherwise your only solution would be to turn of DNS checking for your Zimbra server.

  2. #12
    Miklos Kalman is offline Loyal Member
    Join Date
    Dec 2007
    Location
    Hungary
    Posts
    76
    Rep Power
    7

    Default

    DNS checking is off on the server.

    A weird thing occured. I managed to track down, why I couldn't send mail from my PDA. If I disable the "TLS authentication only" in the MTA tab then I can send to any outside address not only the domain. If I enable it then it comes back with relay access denied.

    This is weird since it requires me to authenticate myself with username/password when sending (otherwise sending fails) but if I enable SSL on the PDA it cannot connect. WM6 does not have TLS provisions only SSL ones.

    So I set the smtp to zimbraserver:465 and disabled SSL on the PDA and disabled TLS only on the server and it worked. Any ideas as to how this is possible? This doesn't mean that the host does not resolve, it just means that the SSL is not working properly.

    The same thing occurs when using outlook and thunderbird. In Thunderbird I can enable SSL and SMTP works fine, under Outlook 2007 SSL does not work, only TLS.

    Any ideas?
    Last edited by Miklos Kalman; 03-01-2008 at 04:40 PM.

  3. #13
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    Quote Originally Posted by phoenix View Post
    You should not have to add any external IP address if the user is Authenticating against the Zimbra server, by default an Authenticated user can relay mail through the server.
    Back when I was testing this with 4.5.1 I had to put any external IP address into the MTA trusted networks to get it to work....this could have changed since then but I haven't done any further testing on it. I'll have to check this out since if that is true then that changes a few things.

  4. #14
    mmorse's Avatar
    mmorse is offline Moderator
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    20

    Default

    Quote Originally Posted by ArcaneMagus View Post
    Back when I was testing this with 4.5.1 I had to put any external IP address into the MTA trusted networks to get it to work....this could have changed since then but I haven't done any further testing on it. I'll have to check this out since if that is true then that changes a few things.
    Quote Originally Posted by phoenix View Post
    You should not have to add any external IP address if the user is Authenticating against the Zimbra server, by default an Authenticated user can relay mail through the server.
    That would be ZimbraMtaMyNetworks - Zimbra :: Wiki. Sound's like Bill is referring to the fact that you don't need to add every last IP of people who are connecting remotely. He just didn't elaborate on how the authenticated user capability simply needs to have your local interfaces listed. You used to have to add these manually, but now in 5.0.x we do some checking to make sure 128.0.0/8 stays in & the local interfaces are added on install, as well as harder to remove from the admin console accidentally. See Bug 17753 - validation of MTA related inputs : comment #25
    Last edited by mmorse; 03-02-2008 at 01:11 AM.

  5. #15
    Bill Brock is offline Outstanding Member
    Join Date
    May 2007
    Location
    Oklahoma
    Posts
    703
    Rep Power
    8

    Default

    I still think that your PDA is not trying to authenticate. The original log you sent looks like one server talking to another instead of a client connecting to authenticate.

    Below is a log entry for a successful client to server conversation:

    Mar 2 07:04:52 webmail postfix/smtpd[11488]: connect from h134.6.249.24.cable.mcls.cablerocket.net[24.249.6.134]
    Mar 2 07:04:52 webmail postfix/smtpd[11488]: setting up TLS connection from h134.6.249.24.cable.mcls.cablerocket.net[24.249.6.134]
    Mar 2 07:04:52 webmail postfix/smtpd[11488]: TLS connection established from h134.6.249.24.cable.mcls.cablerocket.net[24.249.6.134]: TLSv1 with cipher RC4-MD5 (128/128 bits)
    Mar 2 07:04:52 webmail postfix/smtpd[11488]: 8951D2F19D: client=h134.6.249.24.cable.mcls.cablerocket.net[24.249.6.134], sasl_method=LOGIN, sasl_username=bill@brocknetworks.com
    Mar 2 07:04:52 webmail postfix/cleanup[11491]: 8951D2F19D: message-id=<000001c87c61$8e324430$6401a8c0@brocknetworks.c om>
    Mar 2 07:04:52 webmail postfix/qmgr[4638]: 8951D2F19D: from=<bill@brocknetworks.com>, size=1609, nrcpt=1 (queue active)
    Mar 2 07:04:52 webmail postfix/smtpd[11488]: disconnect from h134.6.249.24.cable.mcls.cablerocket.net[24.249.6.134]
    Mar 2 07:04:57 webmail postfix/smtpd[11537]: connect from localhost[127.0.0.1]
    Mar 2 07:04:57 webmail postfix/smtpd[11537]: 36F8425A61: client=localhost[127.0.0.1]
    Mar 2 07:04:57 webmail postfix/cleanup[11491]: 36F8425A61: message-id=<000001c87c61$8e324430$6401a8c0@brocknetworks.c om>
    Mar 2 07:04:57 webmail postfix/smtp[11492]: 8951D2F19D: to=<bjbrock@allegiance.tv>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.8, delays=0.1/0.01/0/4.6, dsn=2.0.0, status=sent (250 2.0.0 Ok: qu0 OK 4B/67-29664-88E9AC74)
    Mar 2 07:05:08 webmail postfix/qmgr[4638]: 36F8425A61: removed

  6. #16
    Miklos Kalman is offline Loyal Member
    Join Date
    Dec 2007
    Location
    Hungary
    Posts
    76
    Rep Power
    7

    Default

    And why is it that Outlook cannot connect via SSL whereas Thunderbird can. Outlook needs TLS to work correctly and won't budge in SSL mode.

    This is the same for my PDA (WM6), but there I cannot setup TLS only SSL or plain authentication. So if I want to send mail from my PDA I can only use Plain text authentication for the outgoing SMTP connection. In case of incoming WM6 allows the SSL. This is a very weird behavior don't you think?

  7. #17
    Bill Brock is offline Outstanding Member
    Join Date
    May 2007
    Location
    Oklahoma
    Posts
    703
    Rep Power
    8

    Default

    I run both Outlook 2000 and 2003 and have no problem connecting using SSL over either port 25 or 465.

    You're not checking the "Use encrypted Password" box in Outlook are you?

  8. #18
    Bill Brock is offline Outstanding Member
    Join Date
    May 2007
    Location
    Oklahoma
    Posts
    703
    Rep Power
    8

    Default

    Can you post a more detailed log similar to the one I posted?

    The first Log you posted clearly shows no login attempt.

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Relay Problem - 454 directory unavailable
    By coldfusion in forum Administrators
    Replies: 0
    Last Post: 01-24-2008, 01:48 AM
  2. [SOLVED] webmail relay problem
    By pst in forum Administrators
    Replies: 2
    Last Post: 10-29-2007, 01:24 AM
  3. Relay Problem
    By Sard in forum Installation
    Replies: 3
    Last Post: 01-07-2007, 03:21 AM
  4. strange MTA Relay Problem
    By pfuschi in forum Installation
    Replies: 0
    Last Post: 10-31-2006, 11:51 AM
  5. SMTP send relay problem
    By Billy in forum Installation
    Replies: 18
    Last Post: 12-28-2005, 12:31 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •