Thread: External MTA and TLS Question

  1. #1
    3RiversTechAdmin (Special Member)

    External MTA and TLS Question

    Hey Everyone,

    I have a P4 2.8 GHz, with 1.5 GB RAM and 250 GB x2 SATA drives in RAID 1. I am running Version 4.0.2_GA_362.DEBIAN3.1
    Performance is good.

    I have a couple of quick questions,

    Currently I have a Zimbra box using another mail server on my network for external delivery. I would like to turn this off.
    What should the server's external relay MTA be set as in the admin console? Also, what should zimbraMtaRelayHost and zimbraMtaDnsLookupsEnabled be set to?

    My second question is related to TLS. Originally I could not connect at all using TLS (I would receive a message saying STARTTLS failed). After taking a look at the logs I realized there was no SMTP cert, so I rebuilt my certs. Now I am prompted for a password; however, no password ever works, authentication always fails. There is nothing on the log side besides noting the connection starts then auth fails.

    Thanks

  2. #2
    phoenix (Zimbra Consultant & Moderator)

    Quote (originally posted by 3RiversTechAdmin):
        Currently I have a Zimbra box using another mail server on my network for external delivery. I would like to turn this off.
        What should the server's external relay MTA be set as in the admin console? Also, what should zimbraMtaRelayHost and zimbraMtaDnsLookupsEnabled be set to?

    Those options can be changed in the Admin UI; the relay host field is empty (you're not using one) and the Enable DNS lookup should be enabled (you'll need it to deliver external mail). Those are both on the Global Settings/MTA tab.

    Quote (originally posted by 3RiversTechAdmin):
        My second question is related to TLS. Originally I could not connect at all using TLS (I would receive a message saying STARTTLS failed). After taking a look at the logs I realized there was no SMTP cert, so I rebuilt my certs. Now I am prompted for a password; however, no password ever works, authentication always fails. There is nothing on the log side besides noting the connection starts then auth fails

    What exactly is in the logs?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    3RiversTechAdmin (Special Member)

    Thanks Phoenix,

    Relay:
    When I try to set the field to be blank in the Admin UI, it fills it with my host name when I click save.


    Here is my log of a connection attempt from Evolution using TLS:
    Dec 20 08:42:51 localhost postfix/smtpd[14864]: connect from unknown[192.168.X.XX]
    Dec 20 08:42:51 localhost postfix/smtpd[14864]: setting up TLS connection from unknown[192.168.X.XX]
    Dec 20 08:42:52 localhost postfix/smtpd[14864]: TLS connection established from unknown[192.168.X.XX]: TLSv1 with cipher RC4-MD5 (128/128 bits)
    Dec 20 08:43:06 localhost postfix/smtpd[14864]: warning: unknown[192.168.X.XX]: SASL LOGIN authentication failed
    Dec 20 08:43:07 localhost postfix/smtpd[14864]: disconnect from unknown[192.168.X.XX]
    Thanks

  4. #4
    phoenix (Zimbra Consultant & Moderator)

    Quote (originally posted by 3RiversTechAdmin):
        Thanks Phoenix,

        Relay:
        When I try to set the field to be blank in the Admin UI, it fills it with my host name when I click save.

    You can set those from the command line; the DNS setting should be TRUE and the relay host should be disabled by entering nothing for the attribute (use '' single quotes for the attribute to disable it).

    Quote (originally posted by 3RiversTechAdmin):
        Here is my log of a connection attempt from Evolution using TLS:

    I'll come back to you later about this (sorry, I'm in the middle of something).
    Last edited by phoenix; 12-20-2006 at 08:09 AM.
    Regards


    Bill



  5. #5
    phoenix (Zimbra Consultant & Moderator)

    Is your saslauthd.conf correct? Have a look at this thread and see if it helps.
    Regards


    Bill



  6. #6
    3RiversTechAdmin (Special Member)

    Thanks :)

    My issue with TLS was the same as mentioned in that thread. The server had been changed to https and the link it was generating was for http.

    I will be able to test your suggestion as to the external relay tonight when I can have a bit of downtime. Thanks for your help again.
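
Added example, not part of any post in this thread: the log in post #3 shows the TLS handshake completing before the SASL failure, which places the fault in the authentication backend rather than in the certificate. This Python script groups Postfix smtpd lines into sessions and reports that pattern; the weak-cipher marker list and the diagnosis labels are assumptions of this example.

```python
import re

# Constructed sample: the five log lines from post #3 (client address redacted as posted).
SAMPLE_LOG = """\
Dec 20 08:42:51 localhost postfix/smtpd[14864]: connect from unknown[192.168.X.XX]
Dec 20 08:42:51 localhost postfix/smtpd[14864]: setting up TLS connection from unknown[192.168.X.XX]
Dec 20 08:42:52 localhost postfix/smtpd[14864]: TLS connection established from unknown[192.168.X.XX]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Dec 20 08:43:06 localhost postfix/smtpd[14864]: warning: unknown[192.168.X.XX]: SASL LOGIN authentication failed
Dec 20 08:43:07 localhost postfix/smtpd[14864]: disconnect from unknown[192.168.X.XX]
"""

LINE = re.compile(r"postfix/smtpd\[(\d+)\]: (.*)$")
CONNECT = re.compile(r"^connect from (\S+)")
TLS_OK = re.compile(r"^TLS connection established from \S+: (\S+) with cipher (\S+)")
SASL_FAIL = re.compile(r"^warning: \S+: SASL (\S+) authentication failed")
WEAK_MARKERS = ("RC4", "MD5", "NULL", "EXP")  # assumption: this example's own weak-cipher list

def summarize(log_text):
    """Group smtpd lines into sessions (a pid is reused, so split on connect/disconnect)."""
    open_sessions, done = {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        if (c := CONNECT.match(msg)):
            open_sessions[pid] = {"pid": pid, "client": c.group(1), "tls": None,
                                  "weak_cipher": False, "sasl_failed": []}
            continue
        s = open_sessions.get(pid)
        if s is None:
            continue  # line belongs to a session that started before this excerpt
        if (t := TLS_OK.match(msg)):
            s["tls"] = (t.group(1), t.group(2))
            s["weak_cipher"] = any(k in t.group(2) for k in WEAK_MARKERS)
        elif (f := SASL_FAIL.match(msg)):
            s["sasl_failed"].append(f.group(1))
        elif msg.startswith("disconnect from"):
            done.append(open_sessions.pop(pid))
    return done + list(open_sessions.values())

def diagnose(session):
    """TLS established plus a SASL failure points at the auth backend, not the certificate."""
    if session["sasl_failed"] and session["tls"]:
        return "tls-ok-auth-backend-failing"
    if session["sasl_failed"]:
        return "auth-failed-without-tls"
    return "ok"
print([(s["client"], s["tls"], s["weak_cipher"], diagnose(s)) for s in summarize(SAMPLE_LOG)])
```

On the sample it reports one session with TLS established, a weak cipher flagged, and the auth-backend diagnosis, consistent with the saslauthd cause reported in post #6.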
