can't relay mail: did not issue MAIL/EXPN/VRFY/ETRN
I've seen lots of threads on this, but still cannot track down the problem in my case.
To enable relaying, I've uncommented the lines in sendmail.mc that allow: 1) relaying for authenticated users 2) LOGIN and PLAIN authentication 3) listening on port 587 saslauthd is running. The firewall allows ports 587 and 143, but I've also tried with iptables down. Yes, I did make in /etc/mail and restarted sendmail. With my iPhone, I can fetch mail fine. But when sending mail from my iPhone, it fails and the maillog's error is "did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA" The Squirrelmail web interface works fine for sending and receiving. Any suggestions what to try next? |
After you make changes to sendmail.mc you need to re-generate the sendmail.cf file - have you done that?
|
Quote:
In addition, I have now discovered that sending and receiving mail has been disabled entirely by the changes I made above. The error logged is: dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=<root>, method=\ PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured EDIT: To be more specific, the lines in sendmail.mc I uncommented are: dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl |
I'm not able to check at the moment, but if you've uncommented the submission port, you may also need the smtp port. Something like this:
Code:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl |
The portion of my sendmail.mc that looks relevant says:
Code:
dnl # The following causes sendmail to only listen on the IPv4 loopback address Code:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl |
IIRC, you can use 0.0.0.0 instead of 127.0.0.1 for that.
|
Quote:
Code:
sendmail[949]: p22BUZWe000949: <ip deleted> [<ip deleted>] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA |
Did you configure your outgoing mail account correctly? (SMTP, authentication, SSL/TLS)
This message usually appears when the mail user agent software do not initialize the supported type of SMTP mechanism (for example authentication). A general issue with mail software configuration (in default) is that it expects SMTP to be an open relay (without authentication). |
Quote:
"The SMTP server <my server's ip> is not responding. Check your network connection and that you entered the correct information in the 'Outgoing Mail Server' field." The iPhone's authentication is set to "Password" and the only other options are "MD5 Challeng-Response," "NTLM," and "HTTP MD5 Digest." What am I doing wrong? |
It looks like that there is something wrong with the basic connection process by SMTP.
In first place you should make clear what type of connection for SMTP you want to use. For example if you decide to use SSL you should check if your SMTP server supports it. But I recommend you to first try SMTP with no encryption. So no SSL no TLS just SMTP on port 25. Best way is to try that with telnet. Code:
telnet your.smtpserver.com 25 In last response you should get something like this: Quote:
The big question is what supports your iPhone. If it supports SMTP without encryption try this. After this you can try it with SSL. SSL and TLS requires some additional server configuration (certificates). |
telnet'ing from my iPhone, I get:
250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 250-DELIVERBY 250-HELP Pardon any spelling errors on the output, but it's really small on my iPhone screen. This mail-related stuff is new to me, so I don't know how to set up different modes of SMTP, |
As you can see although you defined it PLAIN and LOGIN authentication mechanisms are not there.
Code:
250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 Code:
define(`confAUTH_OPTIONS', `A')dnl Quote:
|
DING DING DING DING DING DING--IT WORKS!
In my first post, I said I enabled relaying in sendmail.mc, but I failed to describe exactly how. I had uncommented these lines: Code:
dnl define(`confAUTH_OPTIONS', `A p')dnl Thanks to this thread's responders so much. I've been putting off learning this for years. It's glorious to finally get control of my servers' relaying capabilities. The one thing I don't understand is why my iPhone requires "Use SSL" to be turned off. Isn't that something I want? Does that require the firewall to allow some other port? |
Using SSL is recommended and you should use it if it is possible. But this requires some additional configuration.
This is about the second thing what you miss in your server response. Quote:
http://www.slackwiki.org/Sendmail_TLS_SASL_SMTP-AUTH 1. You need to create certificates 2. You need to configure your sendmail.cf for using certificates. 3. And of course there is a different port for this SSL - 465. There are two types of securing SMTP - 1. first is configured inside of sendmail.cf (TLS) 2. second one is by using stunnel (SSL).(I never used that for SMTP) stunnel makes SSL for your IMAP and POP3 too. But go back to the first thing. Lets try instead of comment out define(`confAUTH_OPTIONS', `A p')dnl use only the A parameter. |
Yes, I see I need to secure SMTP. I'm am about to move to a new place, so my server will be down for a few days. I'll have to come back to this next week.
|
All times are GMT -5. The time now is 02:48 PM. |