You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Jason Tjankilisan <ja...@yahoo.com.INVALID> on 2019/07/01 08:42:17 UTC
RE: How to configure SMTP so thunderbird can send email
/receiveemailfrom outside world?
Hiya Matt,
For now since the project require me not to change anything during this step, might have to try that later, thank you for the heads up. The only thing error right now is the sent folder not being able to be downloaded. The error are :
“Server [name here] has disconnected. The server may have gone down or they may be a network problem”
The error shows about java null pointer exception (Same as when trying to get email from outside when port 25 is not opening) but for that problem im gonna try to work it out myself, might just be had to reinstall James.
Also I will check the website that you gave me and recently just been learning to see raw message from gmail actually.
Again, thank you so much again for the support and help.
Sent from Mail for Windows 10
From: cryptearth
Sent: Friday, June 28, 2019 8:49 PM
To: server-user@james.apache.org
Subject: Re: How to configure SMTP so thunderbird can send email /receiveemailfrom outside world?
Hey Jason,
glad to hear you got it working. I suggest you set authRequired to
"announce" as some clients don't auth correctly if it's required but not
announced in options after EHLO, as I recently discovered with JavaMail
API (for what ever reason). Strangely, as JavaMail is the base for most
android mail apps, it seems android uses a modified version as it always
auth correctly no matter if james is set to "true" or "announce". Or
maybe it was a bug with the testcode I used, don't know.
About google keeps classify your mails as spam: have a look at
https://mxtoolbox.com/ and https://tools.dnsstuff.com/ - these sites can
help to find issues and offer lots of test tools. They both offer
services for domain-name, hostname and IP. Also a look at "raw message"
in gmail shows wich spam-checks fails - wich in combine with mx-toolbox
and dns-stuff can help a lot to get issues fixed. If you want I can try
help you to resolve them, as I went through many myself as I set up my
own domain and mailserver back in 2015. Learned a lot since.
Matt
Am 28.06.2019 um 10:05 schrieb Jason Tjankilisan:
> Hey Marth,
>
> After some testing, making sure my server run correctly, I changed my smtpserver.xml configuration file and it works. As you said, the <jmxName> tag was important so i added the tag and rename it so it goes like this :
>
> <smtpserver enabled="true">
> <jmxName>smtpSend</jmxName>
> <bind>0.0.0.0:465</bind>
>
> <tls socketTLS="true" startTLS="false">
> <keystore>file://conf/keystore</keystore>
> <secret>pass</secret>
> <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
> <algorithm>SunX509</algorithm>
> </tls>
>
> <connectiontimeout>360</connectiontimeout>
> <!-- Set the maximum simultaneous incoming connections for this service -->
> <connectionLimit>0</connectionLimit>
> <!-- Set the maximum simultaneous incoming connections per IP for this service -->
> <connectionLimitPerIP>0</connectionLimitPerIP>
>
> <authRequired>true</authRequired>
>
> <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
> <maxmessagesize>0</maxmessagesize>
> <addressBracketsEnforcement>true</addressBracketsEnforcement>
>
> <handlerchain>
> <handler class="org.apache.james.smtpserver.fastfail.ValidRcptHandler"/>
> <handler class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
> </handlerchain>
>
> </smtpserver>
>
> Now my thunderbird can receive email from world and send message to other (though still treated as spam in gmail, but maybe because still no DKIM and SPF). Thank you so much for the help!
>
> Sincerely, Jason
> Sorry for any wrong word, and thank you for the help
>
>
> Sent from Mail for Windows 10
>
> From: cryptearth
> Sent: Thursday, June 27, 2019 8:52 PM
> To: server-user@james.apache.org
> Subject: Re: How to configure SMTP so thunderbird can send email /receiveemail from outside world?
>
> Hey Jason,
>
> so I tested it on my backup (runs an older 3.1-snap version). This is my
> smtpserver.xml (keystore passphrase changed):
>
> <?xml version="1.0"?>
> <smtpservers>
> <smtpserver enabled="true">
> <jmxName>smtpOne</jmxName>
> <bind>0.0.0.0:25</bind>
> <connectionBacklog>200</connectionBacklog>
> <tls socketTLS="false" startTLS="true">
> <keystore>file://conf/james.jks</keystore>
> <secret>pass</secret>
> <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
> <algorithm>SunX509</algorithm>
> </tls>
> <helloName autodetect="true">home.cryptearth.de</helloName>
> <connectiontimeout>360</connectiontimeout>
> <connectionLimit>0</connectionLimit>
> <connectionLimitPerIP>0</connectionLimitPerIP>
> <authRequired>announce</authRequired>
> <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
> <maxmessagesize>0</maxmessagesize>
> <addressBracketsEnforcement>true</addressBracketsEnforcement>
> <smtpGreeting>cryptearth.de</smtpGreeting>
> <handlerchain>
> <handler
> class="org.apache.james.smtpserver.fastfail.ValidRcptHandler"/>
> <handler
> class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
> <handler
> class="org.apache.james.smtpserver.fastfail.SpamAssassinHandler">
> <spamdHost>127.0.0.1</spamdHost>
> <spamdPort>783</spamdPort>
> <spamdRejectionHits>10</spamdRejectionHits>
> </handler>
> </handlerchain>
> </smtpserver>
> <smtpserver enabled="true">
> <jmxName>smtpTwo</jmxName>
> <bind>0.0.0.0:465</bind>
> <connectionBacklog>200</connectionBacklog>
> <tls socketTLS="true" startTLS="false">
> <keystore>file://conf/james.jks</keystore>
> <secret>pass</secret>
> <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
> <algorithm>SunX509</algorithm>
> </tls>
> <helloName autodetect="true">home.cryptearth.de</helloName>
> <connectiontimeout>360</connectiontimeout>
> <connectionLimit>0</connectionLimit>
> <connectionLimitPerIP>0</connectionLimitPerIP>
> <authRequired>announce</authRequired>
> <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
> <maxmessagesize>0</maxmessagesize>
> <addressBracketsEnforcement>true</addressBracketsEnforcement>
> <smtpGreeting>cryptearth.de</smtpGreeting>
> <handlerchain>
> <handler
> class="org.apache.james.smtpserver.fastfail.ValidRcptHandler"/>
> <handler
> class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
> <handler
> class="org.apache.james.smtpserver.fastfail.SpamAssassinHandler">
> <spamdHost>127.0.0.1</spamdHost>
> <spamdPort>783</spamdPort>
> <spamdRejectionHits>10</spamdRejectionHits>
> </handler>
> </handlerchain>
> </smtpserver>
> <smtpserver enabled="true">
> <jmxName>smtpThree</jmxName>
> <bind>0.0.0.0:587</bind>
> <connectionBacklog>200</connectionBacklog>
> <tls socketTLS="false" startTLS="true">
> <keystore>file://conf/james.jks</keystore>
> <secret>pass</secret>
> <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
> <algorithm>SunX509</algorithm>
> </tls>
> <helloName autodetect="true">home.cryptearth.de</helloName>
> <connectiontimeout>360</connectiontimeout>
> <connectionLimit>0</connectionLimit>
> <connectionLimitPerIP>0</connectionLimitPerIP>
> <authRequired>announce</authRequired>
> <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
> <maxmessagesize>0</maxmessagesize>
> <addressBracketsEnforcement>true</addressBracketsEnforcement>
> <smtpGreeting>cryptearth.de</smtpGreeting>
> <handlerchain>
> <handler
> class="org.apache.james.smtpserver.fastfail.ValidRcptHandler"/>
> <handler
> class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
> <handler
> class="org.apache.james.smtpserver.fastfail.SpamAssassinHandler">
> <spamdHost>127.0.0.1</spamdHost>
> <spamdPort>783</spamdPort>
> <spamdRejectionHits>10</spamdRejectionHits>
> </handler>
> </handlerchain>
> </smtpserver>
> </smtpservers>
>
> Note I added jmxName in all three - reason for this is when jmxName is
> omitted in all thread, james tries "smtpserver" as default for all of
> them - wich fails for the 2nd as "smtpserver" already exists for the
> first one > lead to crash and james can't startup. After fixing this
> james starts up complete with all three ports active. I tested to
> connect and auth to them wich worked without any issue for startTLS and
> socketTLS. So, unless you have something else in your config or get
> errors when starting james (I recommend to test with "./james console"
> until you get it) it should work fine. Maybe adding jmxName fixes it to
> override default "smtpserver" bean name.
>
> Hope this helps ...
>
> Matt
>
> Am 27.06.2019 um 14:35 schrieb cryptearth:
>> Don't worry about usage of mail-list - you get used to it by using it.
>> I had same issues when I first asked here. A good maillist-capable
>> client makes things easier. I don't know about Mail for Win10 - but
>> Thunderbird is a good choice.
>>
>> To be honest: I just wrote what I remember back from a topic about the
>> same issue, I never tried it myself as I never encountered the issue I
>> couldn't connect on TCP/25 to my server. As said: filtering outgoing
>> TCP/25 for customers is common practice for ISPs or security aware
>> admins on big networks like campus or the like. I have to test it
>> myself to give you a better explanation. Maybe someone else get it
>> faster.
>>
>> Just wait for another reply, either from me or from others. But we
>> will get this done to help you.
>>
>> Matt
>>
>> Am 27.06.2019 um 12:14 schrieb Jason Tjankilisan:
>>> (Im sorry for double posting,im still confused of how this mailing
>>> list works)
>>> Halo Matt,
>>>
>>> First of all, I want to thank you for the solution provided and for
>>> the explanation.
>>>
>>> I try to follow your instruction by adding said <smtpserver> tag and
>>> change the <bind>, and <tlsSocket> to true (I copy paste the info
>>> from my port 25 SMTP and didn’t include the jmxname because it can be
>>> ignored):
>>>
>>> <smtpserver enabled="true">
>>> <bind>0.0.0.0:465</bind>
>>>
>>> <tls socketTLS="true" startTLS="false">
>>> <keystore>file://conf/keystore</keystore>
>>> <secret>pass</secret>
>>> <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
>>> <algorithm>SunX509</algorithm>
>>> </tls>
>>>
>>> <connectiontimeout>360</connectiontimeout>
>>> <!-- Set the maximum simultaneous incoming connections for
>>> this service -->
>>> <connectionLimit>0</connectionLimit>
>>> <!-- Set the maximum simultaneous incoming connections per
>>> IP for this service -->
>>> <connectionLimitPerIP>0</connectionLimitPerIP>
>>>
>>> <authRequired>true</authRequired>
>>>
>>> <authorizedAddresses>127.0.0.0/8</authorizedAddresses>
>>> <maxmessagesize>0</maxmessagesize>
>>> <addressBracketsEnforcement>true</addressBracketsEnforcement>
>>>
>>> <handlerchain>
>>> <handler
>>> class="org.apache.james.smtpserver.fastfail.ValidRcptHandler"/>
>>> <handler
>>> class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
>>> </handlerchain>
>>>
>>> </smtpserver>
>>>
>>> And I try to get my mail server from thunderbird (also changed the
>>> setting to port 465 SSL/TLS), but the connection got refused and I
>>> cant even send email. I try putting the SMTP port 465 code under the
>>> SMTP port 25, so maybe the SMTP port 25 get loaded first before the
>>> 465, but still no luck.
>>>
>>> Is there something im doing wrong or I miss or I need to look out?
>>>
>>> Sincerely, Jason
>>> Sorry for any wrong word, and thank you for the help
>>>
>>> Sent from Mail for Windows 10
>>>
>>> From: cryptearth
>>> Sent: Thursday, June 27, 2019 11:03 AM
>>> To: server-user@james.apache.org
>>> Subject: Re: How to configure SMTP so thunderbird can send email /
>>> receiveemail from outside world?
>>>
>>> Hello Jason,
>>>
>>> if I remeber correctly from an older topic, it's possible to use more
>>> than one port per service. In <james>/conf/smtpserver.xml you normal
>>> have this layout:
>>>
>>> <smtpservers>
>>> <smtpserver>
>>> <bind>0.0.0.0:25</bind>
>>> </smtpserver>
>>> </smtpservers>
>>>
>>> This is the required one on TCP/25 for receiving e-mails from the
>>> outside world. Why? SMTP uses TCP/25 for inter-server communication:
>>> each MTA that want to talk to another MTA has to do this on TCP/25 - if
>>> TCP/25 isn't open or there is no SMTP server on this port mails can't be
>>> delievered.
>>>
>>> If you want additional ports for TCP/465 (socketTLS) or TCP/587
>>> (startTLS) you just have to add another <smtpserver>-block. You can just
>>> copy the existing block. But you have to change the jmxName, or delete
>>> it, as there can't multiple jmx entries with the same name.
>>>
>>> So you can do this:
>>>
>>> <smtpservers>
>>> <smtpserver>
>>> <bind>0.0.0.0:25</bind>
>>> <tls socketTLS="false" startTLS="true">
>>> <!-- stuff -->
>>> </tls>
>>> </smtpserver>
>>> <smtpserver>
>>> <bind>0.0.0.0:465</bind>
>>> <tls socketTLS="true" startTLS="false">
>>> <!-- stuff -->
>>> </tls>
>>> </smtpserver>
>>> <smtpserver>
>>> <bind>0.0.0.0:587</bind>
>>> <tls socketTLS="false" startTLS="true">
>>> <!-- stuff -->
>>> </tls>
>>> </smtpserver>
>>> </smtpservers>
>>>
>>> This way you open your james on ports 25, 465 and 587. The startTLS on
>>> 25 is so other MTA can drop mails over encrypted channel, but you can
>>> set it to false. Make sure to set authRequired to announce to enforce
>>> SMTP AUTH or set authroizedAddress correctly (also check
>>> mailetcontainer.xml !).
>>>
>>> About TCP/25 is marked as spam - I guess you're either in a larger
>>> network or use an ISP with strict policies, as it shouldn't be blocked
>>> allthough it's a good anti-spam mechanic. Try contact the admin/support
>>> about policies about TCP/25.
>>>
>>> Matt
>>>
>>> Am 27.06.2019 um 05:09 schrieb Jason Tjankilisan:
>>>> Halo,
>>>> After doing some research about my problem, I found
>>>> this https://www.mail-archive.com/server-user@james.apache.org/msg15590.html and
>>>> from what im understanding that if my SMTP use port other than 25, I
>>>> cannot get any email from outside world? (Gmail, Yahoo I pressume)
>>>>
>>>> I might be wrong since im new but, to send email to outside world, I
>>>> need port 465 with SSL/TLS Socket on so it wont be recognized as
>>>> spam. In addition, it seems using port 25 as SMTP port to send email
>>>> using thunderbird always create a connection time out error.
>>>>
>>>> For the IMAP server, I can use port 993 with socketTLS and port 143
>>>> with no problem to get new email, as long as the SMTP port stay on
>>>> 25. (Additional Info : keystore was created using Letsencrypt)
>>>>
>>>> (When I change SMTP port to 465, I got this error from gmail)
>>>> The recipient server did not accept our requests to connect. Learn
>>>> more
>>>> at https://support.google.com/mail/answer/7720 [jason.107.jp. 5.189.160.138:
>>>> generic::failed_precondition: connect error (111): Connection refused]
>>>> So is there any way for my SMTP to use port 465 and still get email
>>>> from outside my server?
>>>> Sincerely, Jason
>>>> Sorry for any wrong word, and thank you for the help
>>>>
>>>> Sent from Mail for Windows 10
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>>> For additional commands, e-mail: server-user-help@james.apache.org
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org