Thank you for taking the time to answer those. Mark
On 1/30/2013 10:27 PM, Thomas Eckardt wrote: >> -What IS the difference between localDomains and LocalAddresses_Flat? > > localDomains contains only domain definitions > LocalAddresses_Flat "can contain domain definitions" and user addresses > > best use them related to there names. > > >> -Can smtpDestinationSSL be set to point at our server's SSL port? That >> is, have ASSP use SSL when relaying my SSL connection, or must >> smtpDestinationSSL point at a plaintext port? I currently get noting at >> all when I point it at the mail server's SSL port, which I was sure >> worked before. > > > smtpDestinationSSL must point to a plaintext port - setup offering > STARTTLS on your MTA and in assp the usage of STARTTLS, if you want to > secure your internal mail transfer. > >> which I was sure >> worked before. > > This was never the case. > >> as I'll look into whether ASSP can do the >> requested tls before auth later on. > > In normal cases assp would has to do nothing special if the client and > server setup are clear. > How ever, if assp gets an unsecured connection with no 'STARTTLS' > sequence, but STARTTLS is configured, assp will include the full STARTTLS > sequence for the server if it NOT receives the STARTTLS command as fist > command after EHLO (in case before AUTH). > > > Thomas > > > > Von: Mark Casey <[email protected]> > An: [email protected], > Datum: 30.01.2013 20:44 > Betreff: Re: [Assp-user] Authentication attempts not recognized? > > > > On 1/30/2013 12:11 AM, Mark Casey wrote: >> Sorry if this is beating a dead horse as I'm aware this is supposed to >> just work, but I'm no longer able to relay through my ASSP server (ASSP >> version 2.2.2(12343) running on perl 5.12.5). It was working before and >> I'm not sure what has changed. I have our local domains filled in on the >> Recipients/Local Domains page (they are filled in on localDomains, but >> LocalAddresses_Flat is blank, as it always was). >> >> I do not have ASSP configured to allow relay from the IP range I'm in >> but I have set my client to use auth. I've tried both Thunderbird and >> Outlook and set the outgoing server to use SSL on ASSP's listenPortSSL; >> smtpDestinationSSL is blank. Emails coming in from 3rd parties arriving >> to ASSP on port 25 are seeing no problems, but I get relaying errors >> when I try to send offsite with or without SSL (to the coordinating, >> appropriate port, of course). >> >> The maillog shows (note: I've lightly sanitized the email addresses): >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201 >> <markc <at> unifiedgroup.com> info: found message size announcement: 399 >> Byte >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201 >> <markc <at> unifiedgroup.com> Message-Score: added -10 (tlsValencePB) >> for SSL-TLS-connection-OK, total score for this message is now -10 >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201 >> <markc <at> unifiedgroup.com> Message-Score: added 5 (fiphValencePB) for >> Suspicious HELO - contains IP: '[172.10.0.201]', total score for this >> message is now -5 >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201 >> <markc <at> unifiedgroup.com> [scoring] (Suspicious HELO - contains IP: >> '[172.10.0.201]') >> Jan-29-13 23:16:14 [Worker_1] LDAP - found markc <at> unifiedgroup.com >> in LDAPlist >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] [SpoofedSender] >> 172.10.0.201 <markc <at> unifiedgroup.com> [monitoring] (No Spoofing >> Allowed 'markc <at> unifiedgroup.com' in 'mailfrom') >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] [RelayAttempt] >> 172.10.0.201 <markc <at> unifiedgroup.com> relay attempt blocked for: >> markc4 <@> gmail.com >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201 >> <markc <at> unifiedgroup.com> Message-Score: added 10 (rlValencePB) for >> relay attempt blocked for: markc4 <@> gmail.com, total score for this >> message is now 5 >> Jan-29-13 23:16:14 m1-22974-09671 [Worker_1] [SSL-in] 172.10.0.201 >> <markc <at> unifiedgroup.com> [SMTP Error] 530 Relaying not allowed >> >> I have two ASSP hosts (independent of one another) running now that are >> behaving the same way. One is prod (and running local on the mail >> server) and one I'm just testing with and trying to relay through (it is >> in a VM). >> >> Also, two quick questions. >> -What IS the difference between localDomains and LocalAddresses_Flat? >> -Can smtpDestinationSSL be set to point at our server's SSL port? That >> is, have ASSP use SSL when relaying my SSL connection, or must >> smtpDestinationSSL point at a plaintext port? I currently get noting at >> all when I point it at the mail server's SSL port, which I was sure >> worked before. >> >> Thank you in advance for any insight, >> Mark >> >> >> > > Wow that was dumb... > > Apparently several versions back my mail distro switched to requiring > TLS before AUTH on port 25. That part of the change to their config > template simply didn't take when I upgraded, until recently when I had > to remove the server's external IPs from the relayclients list (because > it was verifying any and all addresses and then causing bounces). I > think I'm all set now, as I'll look into whether ASSP can do the > requested tls before auth later on. > > I'll re-state those earlier questions though in case anyone can clue me > in on those. > -What IS the difference between localDomains and LocalAddresses_Flat? > -Can smtpDestinationSSL be set to point at our server's SSL port? That > is, have ASSP use SSL when relaying my SSL connection, or must > smtpDestinationSSL point at a plaintext port? I currently get noting at > all when I point it at the mail server's SSL port, which I was sure > worked before. > > Thanks, > Mark > ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_jan _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
