Page 2 of 5 FirstFirst 1234 ... LastLast
Results 11 to 20 of 44

Thread: SMTP Auth. Failed outside the subnet

  1. #11
    Join Date
    Oct 2005
    Posts
    56
    Rep Power
    10

    Default

    I just found some hints.

    I used the Outlook Express/Outlook and saved the password in the client. And I would got the Relay Access Denied and guess that the authentication was done.

    As Kelvin said, it seems the Auth. was not made. I just tried to use the thunderbird to test it. Because the thunderbird would not let me to save the password. I suppose I would be asked for the password but it did not. And it returned me the Relay Access denied error at once.

    Ok, that's mean the Auth was not made.

    How's come?!

    I doublely checked SMTP settings of the thunderbird.

    In the "Security and Authentication"
    I checked "Use name and password" and the input the User Name already.
    And "No" for "Use secure connection:".

    I then triplely checked the SMTP settings of the Outlook Express. The SSL connection was checked too.

    Checked again the Zimbra settings, the "Auth" is required.


    [root@mailsrv log]# su - zimbra
    [zimbra@mailsrv ~]$ zmprov gs my_domain | grep Auth
    zimbraMtaAuthEnabled: TRUE
    zimbraMtaAuthHost: my_domain
    zimbraMtaAuthURL: http://mydomain:80/service/soap/
    zimbraMtaTlsAuthOnly: FALSE

    Every settings seems alright. I am lost.

    Thomas

  2. #12
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Try setting zimbraMtaTlsAuthOnly=TRUE and checking secure in Thunderbird, just to see if that will let you send.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #13
    Join Date
    Oct 2005
    Posts
    56
    Rep Power
    10

    Default

    Quote Originally Posted by KevinH
    Try setting zimbraMtaTlsAuthOnly=TRUE and checking secure in Thunderbird, just to see if that will let you send.
    Code:
    mailsrv:/etc/rc.d # ./zimbra stop
    mailsrv:/etc/rc.d # ./zimbra stop
    Host my_domain
            Stopping antispam...Done
            Stopping antivirus...Done
            Stopping ldap...Done
            Stopping logger...Done
            Stopping mailbox...Done
            Stopping mta...FAILED
    /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd: no process killed
    
    
            Stopping snmp...Done
            Stopping spell...Done
    mailsrv:/etc/rc.d # ./zimbra start
    Host my_domain
            Starting ldap...Done.
            Starting antispam...Done.
            Starting antivirus...Done.
            Starting logger...Done.
            Starting mailbox...Done.
            Starting mta...Done.
            Starting snmp...Done.
            Starting spell...Done.
    
    zimbra@mailsrv:~> zmprov gs my_domain | grep Auth
    zimbraMtaAuthEnabled: TRUE
    zimbraMtaAuthHost: my_domain
    zimbraMtaAuthURL: http://my_domain:80/service/soap/
    zimbraMtaTlsAuthOnly: TRUE
    Thunderbird Connection Error (ENSURE the TLS option is checked in the client):
    "Sending of message failed

    An Error occurred sending mail: Unable to connect to SMTP server 202.175.x.x via STARTTLS since it doesn't support EHLO. Please verify that your Mail/News account settings are correct and try again."

    Notice that it is unable to stop mta with saslauthd process problem. Is it related?

    Thomas
    Last edited by chanck; 03-14-2006 at 10:50 PM.

  4. #14
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Can you verify that saslauthd is running:

    /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd: no process killed

    This error on shutdown makes me think that it wasn't running.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  5. #15
    Join Date
    Oct 2005
    Posts
    56
    Rep Power
    10

    Default

    Quote Originally Posted by KevinH
    Can you verify that saslauthd is running:

    /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd: no process killed

    This error on shutdown makes me think that it wasn't running.
    Code:
    mailsrv:/etc/init.d # ./zimbra start
    Host safp.gov.mo
            Starting ldap...Done.
            Starting antispam...Done.
            Starting antivirus...Done.
            Starting logger...Done.
            Starting mailbox...Done.
            Starting mta...Done.
            Starting snmp...Done.
            Starting spell...Done.
    mailsrv:/etc/init.d # ps -aef | grep sasl
    zimbra    9017     1  0 15:23 ?        00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
    zimbra    9018  9017  0 15:23 ?        00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
    zimbra    9019  9017  0 15:23 ?        00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
    zimbra    9020  9017  0 15:23 ?        00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
    zimbra    9021  9017  0 15:23 ?        00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
    
    ======/var/log/zimbra.log========
    Mar 15 15:24:14 safp postfix/smtpd[9143]: initializing the server-side TLS engine
    Mar 15 15:24:19 safp postfix/smtpd[9143]: warning: 202.175.xx.xx: hostname n40z15l172.broadband.ctm.net verification failed: Name or service not known
    Mar 15 15:24:19 safp postfix/smtpd[9143]: connect from unknown[202.175.xx.xx]

    From the quote above, the process is confirmed there. And I tried again with or without TLS.

    The error with TLS: ....ELHO command problem.....
    The error without TLS: ....Relay Access Denied.....

    Thomas

  6. #16
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default

    It looks like you're talking to the wrong host.

    The 202.175 IP is a public IP - is that the IP configured on the zimbra server?

  7. #17
    Join Date
    Oct 2005
    Posts
    56
    Rep Power
    10

    Default Nat

    Quote Originally Posted by marcmac
    It looks like you're talking to the wrong host.

    The 202.175 IP is a public IP - is that the IP configured on the zimbra server?
    The Zimbra server is located at the DMZ behind a firewall. It is configured with an IP 192.168.x.x. And there is a static rule in the firewall to setup the NAT with a public IP 202.175.x.x to let outside world to connect. I believed I 've connected the right host.

    PS. I can pop mail from the zimbra server at Internet.

    Thomas

  8. #18
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default

    and you've verified that smtp auth is enabled on the server (not just in the global config) and that tls auth only is checked? Also, make sure the zimbraSmtpAuthUrl stuff is correct (covered extensively in the forums).

  9. #19
    Join Date
    Oct 2005
    Posts
    56
    Rep Power
    10

    Default

    Quote Originally Posted by marcmac
    and you've verified that smtp auth is enabled on the server (not just in the global config) and that tls auth only is checked? Also, make sure the zimbraSmtpAuthUrl stuff is correct (covered extensively in the forums).
    Yes, verified that the global config and the domain_server config are the same.

    What and where is zimbraSmtpAuthUrl? I tried to search the keywords but not found any stuff of that.

    Thomas

  10. #20
    Join Date
    Oct 2005
    Posts
    56
    Rep Power
    10

    Default

    Quote Originally Posted by marcmac
    and you've verified that smtp auth is enabled on the server (not just in the global config) and that tls auth only is checked? Also, make sure the zimbraSmtpAuthUrl stuff is correct (covered extensively in the forums).
    I found the zimbraSmtpAuthUrl, it is looking like that:

    # more saslauthd.conf
    zimbra_url: http://my_domain:80/service/soap/
    zimbra_cert_file: /opt/zimbra/conf/smtpd.crt
    zimbra_cert_check: off

    No problem with my config.

    Thomas

Similar Threads

  1. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM
  2. Lotus migration
    By babou in forum Migration
    Replies: 15
    Last Post: 03-05-2007, 09:33 PM
  3. SMTP auth not working outside of ZCS's subnet
    By dvb in forum Administrators
    Replies: 3
    Last Post: 02-08-2007, 01:34 PM
  4. SMTP Auth error 535
    By FloydWilliams in forum Administrators
    Replies: 0
    Last Post: 01-04-2007, 01:33 PM
  5. Replies: 18
    Last Post: 03-20-2006, 01:22 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •