>-What IS the difference between localDomains and LocalAddresses_Flat?
localDomains contains only domain definitions
LocalAddresses_Flat "can contain domain definitions" and user addresses
best use them related to there names.
> -Can smtpDestinationSSL be set to point at our server's SSL port? That
> is, have ASSP use SSL when relaying my SSL connection, or must
> smtpDestinationSSL point at a plaintext port? I currently get noting at
> all when I point it at the mail server's SSL port, which I was sure
> worked before.
smtpDestinationSSL must point to a plaintext port - setup offering
STARTTLS on your MTA and in assp the usage of STARTTLS, if you want to
secure your internal mail transfer.
>which I was sure
> worked before.
This was never the case.
>as I'll look into whether ASSP can do the
>requested tls before auth later on.
In normal cases assp would has to do nothing special if the client and
server setup are clear.
How ever, if assp gets an unsecured connection with no 'STARTTLS'
sequence, but STARTTLS is configured, assp will include the full STARTTLS
sequence for the server if it NOT receives the STARTTLS command as fist
command after EHLO (in case before AUTH).
Thomas
Von: Mark Casey <[email protected]>
An: [email protected],
Datum: 30.01.2013 20:44
Betreff: Re: [Assp-user] Authentication attempts not recognized?
On 1/30/2013 12:11 AM, Mark Casey wrote:
> Sorry if this is beating a dead horse as I'm aware this is supposed to
> just work, but I'm no longer able to relay through my ASSP server (ASSP
> version 2.2.2(12343) running on perl 5.12.5). It was working before and
> I'm not sure what has changed. I have our local domains filled in on the
> Recipients/Local Domains page (they are filled in on localDomains, but
> LocalAddresses_Flat is blank, as it always was).
>
> I do not have ASSP configured to allow relay from the IP range I'm in
> but I have set my client to use auth. I've tried both Thunderbird and
> Outlook and set the outgoing server to use SSL on ASSP's listenPortSSL;
> smtpDestinationSSL is blank. Emails coming in from 3rd parties arriving
> to ASSP on port 25 are seeing no problems, but I get relaying errors
> when I try to send offsite with or without SSL (to the coordinating,
> appropriate port, of course).
>
> The maillog shows (note: I've lightly sanitized the email addresses):
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201
> <markc <at> unifiedgroup.com> info: found message size announcement: 399
> Byte
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201
> <markc <at> unifiedgroup.com> Message-Score: added -10 (tlsValencePB)
> for SSL-TLS-connection-OK, total score for this message is now -10
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201
> <markc <at> unifiedgroup.com> Message-Score: added 5 (fiphValencePB) for
> Suspicious HELO - contains IP: '[172.10.0.201]', total score for this
> message is now -5
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201
> <markc <at> unifiedgroup.com> [scoring] (Suspicious HELO - contains IP:
> '[172.10.0.201]')
> Jan-29-13 23:16:14 [Worker_1] LDAP - found markc <at> unifiedgroup.com
> in LDAPlist
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] [SpoofedSender]
> 172.10.0.201 <markc <at> unifiedgroup.com> [monitoring] (No Spoofing
> Allowed 'markc <at> unifiedgroup.com' in 'mailfrom')
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] [RelayAttempt]
> 172.10.0.201 <markc <at> unifiedgroup.com> relay attempt blocked for:
> markc4 <@> gmail.com
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201
> <markc <at> unifiedgroup.com> Message-Score: added 10 (rlValencePB) for
> relay attempt blocked for: markc4 <@> gmail.com, total score for this
> message is now 5
> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201
> <markc <at> unifiedgroup.com> [SMTP Error] 530 Relaying not allowed
>
> I have two ASSP hosts (independent of one another) running now that are
> behaving the same way. One is prod (and running local on the mail
> server) and one I'm just testing with and trying to relay through (it is
> in a VM).
>
> Also, two quick questions.
> -What IS the difference between localDomains and LocalAddresses_Flat?
> -Can smtpDestinationSSL be set to point at our server's SSL port? That
> is, have ASSP use SSL when relaying my SSL connection, or must
> smtpDestinationSSL point at a plaintext port? I currently get noting at
> all when I point it at the mail server's SSL port, which I was sure
> worked before.
>
> Thank you in advance for any insight,
> Mark
>
>
>
------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_d2d_jan
> _______________________________________________
> Assp-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/assp-user
Wow that was dumb...
Apparently several versions back my mail distro switched to requiring
TLS before AUTH on port 25. That part of the change to their config
template simply didn't take when I upgraded, until recently when I had
to remove the server's external IPs from the relayclients list (because
it was verifying any and all addresses and then causing bounces). I
think I'm all set now, as I'll look into whether ASSP can do the
requested tls before auth later on.
I'll re-state those earlier questions though in case anyone can clue me
in on those.
-What IS the difference between localDomains and LocalAddresses_Flat?
-Can smtpDestinationSSL be set to point at our server's SSL port? That
is, have ASSP use SSL when relaying my SSL connection, or must
smtpDestinationSSL point at a plaintext port? I currently get noting at
all when I point it at the mail server's SSL port, which I was sure
worked before.
Thanks,
Mark
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_jan
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_jan
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
