[EMAIL PROTECTED] wrote:
> On Fri, 11 Apr 2008, Tim Mancour wrote:
>
>> Rather a mystery - have you try the submission port (587)? I would attempt
>> to watch the SMTP conversation between these clients and your toaster using
>> Ethereal or similar application. I've found the following useful for
>> debugging SMTP_AUTH issues http://qmail.jms1.net/test-auth.shtml, although
>> it seems like something (perhaps a firewall?) is obstructing the AUTH
>> command.
>
> OK, I've managed to do several tests, and set up wireshark to watch the
> SMTP converstation between our client's outlook/thunderbird and my toaster
>
> What baffles me here is that while both outlook (fully patched, all
> service packs), and thunderbird are set up to use SMTP-AUTH, neither ever
> seem to make the attempt.
>
> For example, here's a transcript of when thunderbird tries to send a
> test email (courtesy of wireshark):
>
> -----------------------------------
>
> 220 *************************************************************************
>
> EHLO [127.0.0.1]
>
> 502 unimplemented (#5.5.1)
>
> HELO [127.0.0.1]
>
> 250 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server
>
> MAIL FROM:<[EMAIL PROTECTED]>
>
> 250 ok
>
> RCPT TO:<[EMAIL PROTECTED]>
>
> 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 -
> chkuser)
>
> QUIT
>
> 221 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server
>
> -------------------------
>
> And here's outlook's transcript (also courtesy of wireshark):
>
> ------------------------
>
> 220 *************************************************************************
>
> EHLO MYWINDOWSHOSTNAME
>
> 502 unimplemented (#5.5.1)
>
> HELO MYWINDOWSHOSTNAME
>
> 250 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server
>
> MAIL FROM: <[EMAIL PROTECTED]>
>
> 250 ok
>
> RCPT TO: <[EMAIL PROTECTED]>
>
> 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 -
> chkuser)
>
> QUIT
>
> 221 my.toaster.com - Welcome to Qmail Toaster Ver. 1.3 SMTP Server
>
> --------------------------
>
> Again, if I connect from outside the client's LAN with either Tbird or
> Outlook, all is well and I can relay mail.
>
> If I telnet to my toaster from the client's LAN and do a manual SMPT-AUTH
> test, I can relay, no problem.
>
> If I look at the client's LAN's outward facing router, I see:
>
> --------------------------
>
> PORT STATE SERVICE
> 21/tcp filtered ftp
> 22/tcp open ssh
> 25/tcp filtered smtp
> 53/tcp filtered domain
> 80/tcp filtered http
> 110/tcp filtered pop3
> 123/tcp filtered ntp
> 143/tcp filtered imap
> 220/tcp filtered imap3
> 443/tcp filtered https
> 993/tcp filtered imaps
> 1984/tcp filtered bigbrother
> 3306/tcp filtered mysql
>
> ----------------------
>
> Is there something here that should be open that isn't?
>
> And why in heck are both outlook and tbird seemingly skipping the AUTH
> step in the SMTP conversation?
>
> Any suggestions/theories, etc., would be greatly appreciated...
>
> --Duncan
>
We might have covered this already, but are you using the stock toaster
firewall? It would block (entirely, I believe) traffic from local IPs. That
doesn't explain what we're seeing though.
--
-Eric 'shubes'
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
