[EMAIL PROTECTED] wrote: > On Fri, 11 Apr 2008, Tim Mancour wrote: > >> Rather a mystery - have you try the submission port (587)? I would attempt >> to watch the SMTP conversation between these clients and your toaster using >> Ethereal or similar application. I've found the following useful for >> debugging SMTP_AUTH issues http://qmail.jms1.net/test-auth.shtml, although >> it seems like something (perhaps a firewall?) is obstructing the AUTH >> command. > > OK, I've managed to do several tests, and set up wireshark to watch the > SMTP converstation between our client's outlook/thunderbird and my toaster > > What baffles me here is that while both outlook (fully patched, all > service packs), and thunderbird are set up to use SMTP-AUTH, neither ever > seem to make the attempt. > > For example, here's a transcript of when thunderbird tries to send a > test email (courtesy of wireshark): > > ----------------------------------- > > 220 ************************************************************************* > > EHLO [127.0.0.1] > > 502 unimplemented (#5.5.1) > > HELO [127.0.0.1] > > 250 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server > > MAIL FROM:<[EMAIL PROTECTED]> > > 250 ok > > RCPT TO:<[EMAIL PROTECTED]> > > 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - > chkuser) > > QUIT > > 221 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server > > ------------------------- > > And here's outlook's transcript (also courtesy of wireshark): > > ------------------------ > > 220 ************************************************************************* > > EHLO MYWINDOWSHOSTNAME > > 502 unimplemented (#5.5.1) > > HELO MYWINDOWSHOSTNAME > > 250 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server > > MAIL FROM: <[EMAIL PROTECTED]> > > 250 ok > > RCPT TO: <[EMAIL PROTECTED]> > > 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - > chkuser) > > QUIT > > 221 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server > > -------------------------- > > Again, if I connect from outside the client's LAN with either Tbird or > Outlook, all is well and I can relay mail. > > If I telnet to my toaster from the client's LAN and do a manual SMPT-AUTH > test, I can relay, no problem. > > If I look at the client's LAN's outward facing router, I see: > > -------------------------- > > PORT STATE SERVICE > 21/tcp filtered ftp > 22/tcp open ssh > 25/tcp filtered smtp > 53/tcp filtered domain > 80/tcp filtered http > 110/tcp filtered pop3 > 123/tcp filtered ntp > 143/tcp filtered imap > 220/tcp filtered imap3 > 443/tcp filtered https > 993/tcp filtered imaps > 1984/tcp filtered bigbrother > 3306/tcp filtered mysql > > ---------------------- > > Is there something here that should be open that isn't? > > And why in heck are both outlook and tbird seemingly skipping the AUTH > step in the SMTP conversation? > > Any suggestions/theories, etc., would be greatly appreciated... > > --Duncan >
We might have covered this already, but are you using the stock toaster firewall? It would block (entirely, I believe) traffic from local IPs. That doesn't explain what we're seeing though. -- -Eric 'shubes' --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]