You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Emmanuel Gilmont <e....@ibelgique.com> on 2003/03/19 09:46:08 UTC
SMTP AUTH scares me...
Hello guys,
I have troubles with the smtp protocol enabled with auth and verification.
When I send mails from my lan, there are no problems, the log shows correctly
that the auth mechanism works well. When I try the same from the internet,
the auth fails. When I try to telnet my james server and issue a ehlo
command, I must retry several times before getting the message "auth=auth
login"...
Between my james server and the Internet, I have a Dlink DI804
router/firewall. Does it possible that it's the problem? How can I solve
this?
Any idea? Thanks a lot,
Emmanuel
_____________________________________________________________________
Envie de discuter en "live" avec vos amis ? T�l�charger MSN Messenger
http://www.ifrance.com/_reloc/m la 1�re messagerie instantan�e de France
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: SMTP AUTH scares me...
Posted by Kenny Smith <ja...@journalscape.com>.
Hi Emmanuel,
I had a problem with this at work. For some reason the firewall was
dropping packets that it deemed to be "authentication packets." This
included SMTP, SSH, all sorts of stuff. The IT guys didn't really tell
what they changed or give me a good description, but it sounded like
some sort of proxy configuration was the cause.
Kenny
Emmanuel Gilmont wrote:
> Hello guys,
>
> I have troubles with the smtp protocol enabled with auth and verification.
> When I send mails from my lan, there are no problems, the log shows correctly
> that the auth mechanism works well. When I try the same from the internet,
> the auth fails. When I try to telnet my james server and issue a ehlo
> command, I must retry several times before getting the message "auth=auth
> login"...
>
> Between my james server and the Internet, I have a Dlink DI804
> router/firewall. Does it possible that it's the problem? How can I solve
> this?
>
> Any idea? Thanks a lot,
> Emmanuel
> _____________________________________________________________________
> Envie de discuter en "live" avec vos amis ? Télécharger MSN Messenger
> http://www.ifrance.com/_reloc/m la 1ère messagerie instantanée de France
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: SMTP AUTH scares me...
Posted by Kenny Smith <ja...@journalscape.com>.
Hi Danny,
I've totally found James/SMTP-AUTH to be totally rocking too, but this
problem I had with the lan at work made it appear that when I telneted
to james and issued the ehlo, that no AUTH LOGIN PLAIN was returned.
I downloaded Ethereal on my workstation and fired up ngrep on the james
box so that I could sniff the network locally on both machines. In the
ngrep on the mail server I could see James responding with the AUTH
LOGIN PLAIN but in the sniff from my local workstation there was no such
thing.
The firewall was stripping it out, presumably so that it could proxy the
connections to mail servers and handle any SMTP-AUTH automatically. Very
weird.
Kenny Smith
Danny Angus wrote:
> Many firewalls handle SMTP differently than other connections.
>
> Usually they simply filter packets based on their source and destination.
> It is often possible, however, for firewalls to be setup to proxy SMTP traffic on port 25.
> This allows the firewall to use services such as RBL's (Relay Black Lists) to block mail from known open relays, and possibly implement other rules.
>
> I don't think this is your issue though.
>
> When you connect from anywhere and issue EHLO you should get "250 AUTH LOGIN PLAIN"
>
> but you are only required to actually authenticate yourself if the "RCPT TO" recipients are not local.
>
> I've found SMTP AUTH to be quite effective and stable, but I'm using James from cvs, and the first release of v2.1 not the latest release of v2.
>
> d.
>
>
>>-----Original Message-----
>>From: Emmanuel Gilmont [mailto:e.gilmont@ibelgique.com]
>>Sent: 19 March 2003 08:46
>>To: James-User Mailing List
>>Subject: SMTP AUTH scares me...
>>
>>
>>Hello guys,
>>
>>I have troubles with the smtp protocol enabled with auth and
>>verification.
>>When I send mails from my lan, there are no problems, the log
>>shows correctly
>>that the auth mechanism works well. When I try the same from the
>>internet,
>>the auth fails. When I try to telnet my james server and issue a ehlo
>>command, I must retry several times before getting the message "auth=auth
>>login"...
>>
>>Between my james server and the Internet, I have a Dlink DI804
>>router/firewall. Does it possible that it's the problem? How can I solve
>>this?
>>
>>Any idea? Thanks a lot,
>>Emmanuel
>>_____________________________________________________________________
>>Envie de discuter en "live" avec vos amis ? Tlcharger MSN Messenger
>>http://www.ifrance.com/_reloc/m la 1re messagerie instantane de France
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: james-user-help@jakarta.apache.org
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: SMTP AUTH scares me...
Posted by Danny Angus <da...@apache.org>.
Many firewalls handle SMTP differently than other connections.
Usually they simply filter packets based on their source and destination.
It is often possible, however, for firewalls to be setup to proxy SMTP traffic on port 25.
This allows the firewall to use services such as RBL's (Relay Black Lists) to block mail from known open relays, and possibly implement other rules.
I don't think this is your issue though.
When you connect from anywhere and issue EHLO you should get "250 AUTH LOGIN PLAIN"
but you are only required to actually authenticate yourself if the "RCPT TO" recipients are not local.
I've found SMTP AUTH to be quite effective and stable, but I'm using James from cvs, and the first release of v2.1 not the latest release of v2.
d.
> -----Original Message-----
> From: Emmanuel Gilmont [mailto:e.gilmont@ibelgique.com]
> Sent: 19 March 2003 08:46
> To: James-User Mailing List
> Subject: SMTP AUTH scares me...
>
>
> Hello guys,
>
> I have troubles with the smtp protocol enabled with auth and
> verification.
> When I send mails from my lan, there are no problems, the log
> shows correctly
> that the auth mechanism works well. When I try the same from the
> internet,
> the auth fails. When I try to telnet my james server and issue a ehlo
> command, I must retry several times before getting the message "auth=auth
> login"...
>
> Between my james server and the Internet, I have a Dlink DI804
> router/firewall. Does it possible that it's the problem? How can I solve
> this?
>
> Any idea? Thanks a lot,
> Emmanuel
> _____________________________________________________________________
> Envie de discuter en "live" avec vos amis ? Tlcharger MSN Messenger
> http://www.ifrance.com/_reloc/m la 1re messagerie instantane de France
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org