Gentoo Forums
exim with smarthost requiring smtp-auth smtp-over-ssl/tls
VooDooPriest
n00b
Joined: 09 Feb 2003
Posts: 29
Location: Bavaria, Germany

Posted: Sat Oct 15, 2005 7:22 am    Post subject: exim with smarthost requiring smtp-auth smtp-over-ssl/tls

Hi!

I'm trying to set up a local exim server which delivers my mail through my university's mail server; unfortunately the university's mail server requires to be connected to with ssl on port 465, uses tls and smtp-auth ...
So far I made the following changes to the tls-enabled build of exim .. well, to the config:
Code:

[...]
tls_on_connect_ports = 465
...
begin routers

smarthost:
 driver = manualroute
 transport = remote_smtp
 route_list = "* mailmaster.uni-wuerzburg.de"
....
remote_smtp:
  driver = smtp
  hosts_try_auth = mailmaster.uni-wuerzburg.de
  hosts_require_tls = mailmaster.uni-wuerzburg.de
..
fixed_plain:
  driver = plaintext
  public_name = PLAIN
  client_send = ^me^mypass


What else do I need? So far the log says: stopped receiving data after initial connection

Any suggestions? Or someone with a similar setup who could give me some tips?
thanx
_________________
#include "/dev/tty" /*ultimate C++ program*/
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands

Posted: Sat Oct 15, 2005 2:31 pm

Actual log output would be nice, and you could try upping the log level for the duration.
Not everything is logged by default; read the Exim spec on how to change this.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen
VooDooPriest
n00b
Joined: 09 Feb 2003
Posts: 29
Location: Bavaria, Germany

Posted: Sat Oct 15, 2005 2:44 pm

I have invoked the exim server manually with:
Code:
exim -bd -q15m -d+all

so I hope this gives me the full logging:

Code:
09:22:34  1028 delivering 1EQgNF-0000GS-KC to mailmaster.uni-wuerzburg.de [132.187.3.40] (danbala@gmx.net)
09:22:34  1028 set_process_info:  1028 delivering 1EQgNF-0000GS-KC to mailmaster.uni-wuerzburg.de [132.187.3.40] (danbala@gmx.net)
09:22:34  1028 expanding: $primary_hostname
09:22:34  1028    result: localhost
09:22:34  1022 set_process_info:  1022 delivering 1EQgNF-0000GS-KC: waiting for a remote delivery subprocess to finish
09:22:34  1022 selecting on subprocess pipes
09:22:34  1028 Connecting to mailmaster.uni-wuerzburg.de [132.187.3.40]:465 ... connected
09:22:34  1028 waiting for data on socket
09:23:34  1022 selecting on subprocess pipes
09:24:34  1022 selecting on subprocess pipes
09:25:34  1022 selecting on subprocess pipes
09:26:34  1022 selecting on subprocess pipes
09:27:19   494 child 495 ended: status=0x0
09:27:19   494 0 queue-runner processes now running
09:27:19   494 Listening...
09:27:34  1022 selecting on subprocess pipes
09:27:34  1028 ok=0 send_quit=0 send_rset=1 continue_more=0 yield=1 first_address is not NULL
09:27:34  1028 LOG: MAIN
09:27:34  1028   SMTP timeout while connected to mailmaster.uni-wuerzburg.de [132.187.3.40] after initial connection: Connection timed out
09:27:34  1028 set_process_info:  1028 delivering 1EQgNF-0000GS-KC: just tried mailmaster.uni-wuerzburg.de [132.187.3.40] for danbala@gmx.net: result DEFER
09:27:34  1028 added retry item for T:mailmaster.uni-wuerzburg.de:132.187.3.40:465: errno=110 more_errno=0,A flags=2
09:27:34  1028 all IP addresses skipped or deferred at least one address
09:27:34  1028 locking /var/spool/exim/db/wait-remote_smtp.lockfile
09:27:34  1028 locked /var/spool/exim/db/wait-remote_smtp.lockfile
09:27:34  1028 EXIM_DBOPEN(/var/spool/exim/db/wait-remote_smtp)
09:27:34  1028 returned from EXIM_DBOPEN
09:27:34  1028 opened hints database /var/spool/exim/db/wait-remote_smtp: flags=2
09:27:34  1028 dbfn_read: key=mailmaster.uni-wuerzburg.de
09:27:34  1028 dbfn_write: key=mailmaster.uni-wuerzburg.de
09:27:34  1028 Leaving remote_smtp transport
09:27:34  1028 set_process_info:  1028 delivering 1EQgNF-0000GS-KC (just run remote_smtp for danbala@gmx.net in subprocess)
09:27:34  1028 search_tidyup called
09:27:34  1022 reading pipe for subprocess 1028 (not ended)
09:27:34  1022 read() yielded 16
09:27:34  1022 selecting on subprocess pipes
09:27:34  1022 reading pipe for subprocess 1028 (not ended)
09:27:34  1022 read() yielded 5
09:27:34  1022 selecting on subprocess pipes
09:27:34  1022 reading pipe for subprocess 1028 (not ended)
09:27:34  1022 read() yielded 157
09:27:34  1022 reading retry information for T:mailmaster.uni-wuerzburg.de:132.187.3.40:465 from subprocess
09:27:34  1022   added retry item
09:27:34  1022 selecting on subprocess pipes
09:27:34  1022 reading pipe for subprocess 1028 (not ended)
09:27:34  1022 read() yielded 115
09:27:34  1022 selecting on subprocess pipes
09:27:34  1022 reading pipe for subprocess 1028 (not ended)
09:27:34  1022 read() yielded 2
09:27:34  1022 Z0 item read
09:27:34  1022 remote delivery process 1028 ended
09:27:34  1022 set_process_info:  1022 delivering 1EQgNF-0000GS-KC
09:27:34  1022 post-process danbala@gmx.net (1)
09:27:34  1022 LOG: MAIN
09:27:34  1022   == danbala@gmx.net R=smarthost T=remote_smtp defer (110): Connection timed out: SMTP timeout while connected to mailmaster.uni-wuerzburg.de [132.187.3.40] after initial connection
09:27:34  1022 >>>>>>>>>>>>>>>> deliveries are done >>>>>>>>>>>>>>>>


Or is there a way to activate even more logging?
(Sorry, I find the exim documentation quite a bit confusing :) )

thanx
_________________
#include "/dev/tty" /*ultimate C++ program*/
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands

Posted: Sat Oct 15, 2005 2:52 pm

It can be quite confusing at first, but Exim has - luckily - the most extensive documentation of any Unix mail server.
You can see here where it happens, at least: it tries to connect, fails, and defers the message internally to try again later.
IOW it is definitely a connection problem - the SSL connection on port 465 isn't even made.

Find out whether the uni wants you to use SSL throughout or if you should switch to starttls.
Or what kind of encryption they want for your logon - PLAIN simply isn't very secure.

As for the logging: the option is log_selector, read this: http://www.exim.org/exim-html-4.50/doc/html/spec_48.html#SECT48.15
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen
VooDooPriest
n00b
Joined: 09 Feb 2003
Posts: 29
Location: Bavaria, Germany

Posted: Sat Oct 15, 2005 3:09 pm

OK, but as it seems the -d+all command-line option does the same as log_selector = +all,

the valid login methods are plain and login; I have tried that with evolution.
It only works in evolution if I insert the smtp as ssl connection (465) and tls (secure).

I'd have asked the admin of the server, but till now they didn't answer (didn't expect that ... they are, well, let's say less than cooperative :) )
_________________
#include "/dev/tty" /*ultimate C++ program*/
VooDooPriest
n00b
Joined: 09 Feb 2003
Posts: 29
Location: Bavaria, Germany

Posted: Sun Oct 16, 2005 5:37 am

I got this answer on the exim-user mailing list:

Exim doesn't support tls-on-connect as a client. If the university
won't allow you to submit mail with STARTTLS on ports 587 or 25, then
you'll have to use stunnel or something to tunnel the connection over ssl.

so it seems ... exim can't hold up to its reputation ...

well then: exim's dead :) long live sendmail
_________________
#include "/dev/tty" /*ultimate C++ program*/
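
Added example, not part of the original thread: a probe for the stall seen in the debug log above, where a plaintext SMTP client waits for the server's 220 greeting while a TLS-on-connect server waits for the client's ClientHello, so neither side sends anything until the timeout. The function names, return labels and the loopback listener are constructed for illustration.

```python
import socket
import ssl
import threading

def classify_smtp_port(host, port, wait=5.0):
    """Report how an SMTP port expects the session to start.
    'plaintext-banner': server greets first with 220 (STARTTLS would follow)
    'implicit-tls':     silent, then verified TLS handshake and 220 inside TLS
    'silent':           server stayed silent and TLS could not be confirmed
    'unexpected':       server spoke first, but not with an SMTP greeting
    'closed':           connection failed
    """
    try:
        with socket.create_connection((host, port), timeout=wait) as s:
            try:
                data = s.recv(512)  # a plaintext SMTP server speaks first
            except socket.timeout:
                data = None  # the stall Exim logs as "waiting for data on socket"
            if data is not None:
                return "plaintext-banner" if data.startswith(b"220") else "unexpected"
            try:
                ctx = ssl.create_default_context()  # verifies chain and host name
                with ctx.wrap_socket(s, server_hostname=host) as tls:
                    greeted = tls.recv(512).startswith(b"220")
                    return "implicit-tls" if greeted else "silent"
            except OSError:  # includes ssl.SSLError and timeouts
                return "silent"
    except OSError:
        return "closed"

def demo_listener(greeting):
    """Constructed loopback server: sends `greeting`, or nothing if it is None."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        with srv, srv.accept()[0] as conn:
            if greeting:
                conn.sendall(greeting)
            conn.settimeout(5)
            try:
                conn.recv(1)  # hold the connection until the client acts
            except OSError:
                pass

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]
```

Against a real server, a deliberate greeting delay can also look silent for a few seconds, so choose a `wait` longer than any such delay. A result of `implicit-tls` on 465 or `plaintext-banner` on 587 or 25 shows which client mode the smarthost needs.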