[xmail] SMTP TLS
Ssl certificates are based on server name, so you can use it on xmail ONLY if your xmail server use same name (and generaly a ip that resolve to same name) So if your ssl cert is for www.atinet.com.br, you xmail server should resolve to www.atinet.com.br (from ip and from smtp banners I think) -Message d'origine- De: xmail-boun...@xmailserver.org A: XMail Users Mailing List Date: 21/08/2009 16:35 Objet: Re: [xmail] SMTP TLS Importance: Haute We have a ssl web server certificate from Thawte (www.thawte.com) Could this kind of certificate be used with smtp TLS? Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Thursday, August 20, 2009 3:22 PM Subject: Re: [xmail] SMTP TLS On Thu, 20 Aug 2009, Edinilson - ATINET wrote: Some users that have domains hosted here wants to use gmail for other purposes. But they wants to use yours accounts (hosted here) to send emails, but via gmail (something like a relay). Gmail have a configuration called: SEND MAIL FROM ANOTHER ADDRESS ( http://mail.google.com/support/bin/answer.py?hl=enanswer=22370expand=s c1 ) where you can authenticate with an account from your domain and send email (from gmail) using that account. I could be wrong but looks like Google uses TLS in this point, to relay the message. Unless GOOG requires that *your* certificate is *not* self-signed, by refusing to talk to your server after the initial SSL negotiation. - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
We have a ssl web server certificate from Thawte (www.thawte.com) Could this kind of certificate be used with smtp TLS? Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Thursday, August 20, 2009 3:22 PM Subject: Re: [xmail] SMTP TLS On Thu, 20 Aug 2009, Edinilson - ATINET wrote: Some users that have domains hosted here wants to use gmail for other purposes. But they wants to use yours accounts (hosted here) to send emails, but via gmail (something like a relay). Gmail have a configuration called: SEND MAIL FROM ANOTHER ADDRESS ( http://mail.google.com/support/bin/answer.py?hl=enanswer=22370expand=sc1 ) where you can authenticate with an account from your domain and send email (from gmail) using that account. I could be wrong but looks like Google uses TLS in this point, to relay the message. Unless GOOG requires that *your* certificate is *not* self-signed, by refusing to talk to your server after the initial SSL negotiation. - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On Fri, 21 Aug 2009, Edinilson - ATINET wrote: We have a ssl web server certificate from Thawte (www.thawte.com) Could this kind of certificate be used with smtp TLS? I honestly dunno. It depends on Google I guess. - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On 19 Aug 2009 at 16:41, Edinilson - ATINET wrote: Davide, I checked: http://www.xmailserver.org/Readme.html#ssl_configuration and created server.cert and server.key And in server.tab SMTP-TLS 1 EnableSMTP-TLS 1 Using netstat -an I can see that port 465 was opened. But, for some reason, we can´t authenticate any user using smtp tls. Any tip? I can't see you've got anything wrong. Can you test locally. Also the more competent isp I use for adsl has enabled both smtps port 465 for ssl along with smmsp port 587 for smtpauth but that might also support tls (as I use xmail from home I've not needed those facilities). Last week by chance I tried out tls on port 25 from notebook via mobile broadband, to send by xmail on my server at home. That was delivered to one of my accounts on another isp and ended up in spam folder. Spam scores were due to mobile broadband ips I was sending from being on several blocklists and their dns was bad as well. At least using smtps or smmsp I'd be sending from clean ips. I'd previously tried smtps (then set as default) and those emails were delivered without problem. David Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Wednesday, August 19, 2009 1:39 PM Subject: Re: [xmail] SMTP TLS On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Hi All, Some users are asking us about smtp tls to be used together with google. What do we need to configure in Xmail to support smtp tls ? Have you checked this? http://www.xmailserver.org/Readme.html#ssl_configuration And be sure EnableSMTP-TLS in not set to 0 in your server.tab file (default, if missing, is 1). - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
Davide, you are right. Looks like something is wrong with Google. Using Outlook Express I can use TLS without problems. Trying to use TLS via Google the following error is returned: [Unspecified Error (SENT_SECOND_EHLO): Protocol error code(0) ] Nothing is being logged in smtp* logs Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Wednesday, August 19, 2009 6:22 PM Subject: Re: [xmail] SMTP TLS On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Davide, I thing that I missing something. in server.tab: SMTP-TLS 1 EnableSMTP-TLS 1 SSLUseCertsDir 1 SSLAllowSelfSigned 1 I copied to windows\system32: openssl.exe libeay32.dll ssleay32.dll libeay32.lib ssleay32.lib And updated the files in mailroot/bin and mailroot/certs with those that are in win32sll (from source package). But, for some reason, it isn´t working yet. Can you define isn't working a little bit further? Check David Lord's email also, as for the difficulties of authenticate with GOOG. - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On Thu, 20 Aug 2009, Edinilson - ATINET wrote: Davide, you are right. Looks like something is wrong with Google. Using Outlook Express I can use TLS without problems. Trying to use TLS via Google the following error is returned: [Unspecified Error (SENT_SECOND_EHLO): Protocol error code(0) ] Nothing is being logged in smtp* logs When you say sending with Google, what do you exactly mean? - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
Some users that have domains hosted here wants to use gmail for other purposes. But they wants to use yours accounts (hosted here) to send emails, but via gmail (something like a relay). Gmail have a configuration called: SEND MAIL FROM ANOTHER ADDRESS ( http://mail.google.com/support/bin/answer.py?hl=enanswer=22370expand=sc1 ) where you can authenticate with an account from your domain and send email (from gmail) using that account. I could be wrong but looks like Google uses TLS in this point, to relay the message. Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Thursday, August 20, 2009 2:38 PM Subject: Re: [xmail] SMTP TLS On Thu, 20 Aug 2009, Edinilson - ATINET wrote: Davide, you are right. Looks like something is wrong with Google. Using Outlook Express I can use TLS without problems. Trying to use TLS via Google the following error is returned: [Unspecified Error (SENT_SECOND_EHLO): Protocol error code(0) ] Nothing is being logged in smtp* logs When you say sending with Google, what do you exactly mean? - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On Thu, 20 Aug 2009, Edinilson - ATINET wrote: Some users that have domains hosted here wants to use gmail for other purposes. But they wants to use yours accounts (hosted here) to send emails, but via gmail (something like a relay). Gmail have a configuration called: SEND MAIL FROM ANOTHER ADDRESS ( http://mail.google.com/support/bin/answer.py?hl=enanswer=22370expand=sc1 ) where you can authenticate with an account from your domain and send email (from gmail) using that account. I could be wrong but looks like Google uses TLS in this point, to relay the message. Unless GOOG requires that *your* certificate is *not* self-signed, by refusing to talk to your server after the initial SSL negotiation. - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
[xmail] SMTP TLS
Hi All, Some users are asking us about smtp tls to be used together with google. What do we need to configure in Xmail to support smtp tls ? obs: Xmail Win32 running on Windows 2000 Server SP4 Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Hi All, Some users are asking us about smtp tls to be used together with google. What do we need to configure in Xmail to support smtp tls ? Have you checked this? http://www.xmailserver.org/Readme.html#ssl_configuration And be sure EnableSMTP-TLS in not set to 0 in your server.tab file (default, if missing, is 1). - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
Thanks Davide. Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Wednesday, August 19, 2009 1:39 PM Subject: Re: [xmail] SMTP TLS On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Hi All, Some users are asking us about smtp tls to be used together with google. What do we need to configure in Xmail to support smtp tls ? Have you checked this? http://www.xmailserver.org/Readme.html#ssl_configuration And be sure EnableSMTP-TLS in not set to 0 in your server.tab file (default, if missing, is 1). - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
Davide, I checked: http://www.xmailserver.org/Readme.html#ssl_configuration and created server.cert and server.key And in server.tab SMTP-TLS 1 EnableSMTP-TLS 1 Using netstat -an I can see that port 465 was opened. But, for some reason, we can´t authenticate any user using smtp tls. Any tip? Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Wednesday, August 19, 2009 1:39 PM Subject: Re: [xmail] SMTP TLS On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Hi All, Some users are asking us about smtp tls to be used together with google. What do we need to configure in Xmail to support smtp tls ? Have you checked this? http://www.xmailserver.org/Readme.html#ssl_configuration And be sure EnableSMTP-TLS in not set to 0 in your server.tab file (default, if missing, is 1). - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Davide, I checked: http://www.xmailserver.org/Readme.html#ssl_configuration and created server.cert and server.key And in server.tab SMTP-TLS 1 EnableSMTP-TLS 1 Using netstat -an I can see that port 465 was opened. But, for some reason, we can´t authenticate any user using smtp tls. Any tip? Port 465 is SMTPS, that's for pure SSL SMTP sessions. By setting EnableSMTP-TLS you tell XMail to try a STARTTLS negotiation, if the remote server allows it. Did you setup the certs subdirectory, if you're using Windows (like the SSLUseCertsDir suggests in the link I posted before)? - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On 19 Aug 2009 at 10:25, Edinilson - ATINET wrote: Hi All, Some users are asking us about smtp tls to be used together with google. What do we need to configure in Xmail to support smtp tls ? obs: Xmail Win32 running on Windows 2000 Server SP4 I found that although I can connect to my own server from a remote blocklisted ip it's no use at all for getting email through to other sites, ie blocked before authentication. Not that I blame them. I route via my own server using smtps on port 465. My mobile broadand supplier suggests I contact recipient to add me (+any of their users spreading virus or spam) to add their ip block to their whitelist (and I have shares in this organisation). Either way you need certificates etc, which took me a nights session to setup (but several hours to get some tuits), and put them in correct place as per xmail docs and have the required lines in server.tab. If you self certify you will get complaints, as from one of my mates, that certificate isn't trusted, even though he had my public key already and I'd told him to accept it. On other users of my server I've done the add certificate bit myself. Then they only use it when their own isp's mailserver is down or blocklisted. can of worms? David Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
Davide, I thing that I missing something. in server.tab: SMTP-TLS 1 EnableSMTP-TLS 1 SSLUseCertsDir 1 SSLAllowSelfSigned 1 I copied to windows\system32: openssl.exe libeay32.dll ssleay32.dll libeay32.lib ssleay32.lib And updated the files in mailroot/bin and mailroot/certs with those that are in win32sll (from source package). But, for some reason, it isn´t working yet. Regards Edinilson - ATINET-Professional Web Hosting Tel Voz: (0xx11) 4412-0876 http://www.atinet.com.br - Original Message - From: Davide Libenzi davi...@xmailserver.org To: XMail Users Mailing List xmail@xmailserver.org Sent: Wednesday, August 19, 2009 4:52 PM Subject: Re: [xmail] SMTP TLS On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Davide, I checked: http://www.xmailserver.org/Readme.html#ssl_configuration and created server.cert and server.key And in server.tab SMTP-TLS 1 EnableSMTP-TLS 1 Using netstat -an I can see that port 465 was opened. But, for some reason, we can´t authenticate any user using smtp tls. Any tip? Port 465 is SMTPS, that's for pure SSL SMTP sessions. By setting EnableSMTP-TLS you tell XMail to try a STARTTLS negotiation, if the remote server allows it. Did you setup the certs subdirectory, if you're using Windows (like the SSLUseCertsDir suggests in the link I posted before)? - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On Wed, 19 Aug 2009, David Lord wrote: On 19 Aug 2009 at 10:25, Edinilson - ATINET wrote: Hi All, Some users are asking us about smtp tls to be used together with google. What do we need to configure in Xmail to support smtp tls ? obs: Xmail Win32 running on Windows 2000 Server SP4 I found that although I can connect to my own server from a remote blocklisted ip it's no use at all for getting email through to other sites, ie blocked before authentication. Not that I blame them. I route via my own server using smtps on port 465. My mobile broadand supplier suggests I contact recipient to add me (+any of their users spreading virus or spam) to add their ip block to their whitelist (and I have shares in this organisation). Either way you need certificates etc, which took me a nights session to setup (but several hours to get some tuits), and put them in correct place as per xmail docs and have the required lines in server.tab. If you self certify you will get complaints, as from one of my mates, that certificate isn't trusted, even though he had my public key already and I'd told him to accept it. On other users of my server I've done the add certificate bit myself. Then they only use it when their own isp's mailserver is down or blocklisted. can of worms? No shit! :) - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
Re: [xmail] SMTP TLS
On Wed, 19 Aug 2009, Edinilson - ATINET wrote: Davide, I thing that I missing something. in server.tab: SMTP-TLS 1 EnableSMTP-TLS 1 SSLUseCertsDir 1 SSLAllowSelfSigned 1 I copied to windows\system32: openssl.exe libeay32.dll ssleay32.dll libeay32.lib ssleay32.lib And updated the files in mailroot/bin and mailroot/certs with those that are in win32sll (from source package). But, for some reason, it isn´t working yet. Can you define isn't working a little bit further? Check David Lord's email also, as for the difficulties of authenticate with GOOG. - Davide ___ xmail mailing list xmail@xmailserver.org http://xmailserver.org/mailman/listinfo/xmail
[xmail] SMTP-TLS bug?
Hello Davide and other list members, I was trying to use my xmail server as a smarthost (relay) for one of my other servers, which is still using exim4. When exim4 tried to send a message using TLS (EnableSMTP-TLS=1 in xmail's server.tab), it ends up with an error message, in the XMail log files I get: AUTH=EFAIL:TYPE=LOGIN. In Exim4's log file I get: 2007-03-04 16:59:12 1HNt79-0006IG-I4 ** [EMAIL PROTECTED] R=smarthost T=remote_smtp_smarthost: SMTP error from remote mail server after MAIL FROM: SIZE=2485: host Core.LAN.UFO-Net.nl [192.168.0.51]: 501 Syntax error in parameters or arguments 2007-03-04 16:59:12 1HNt79-0006IG-I4 Frozen (delivery error message) When I disable TLS (EnableSMTP-TLS=0 in xmail's server.tab) everything is fine. The new exim4 server is allowed to use the XMail server as a relay.. Could this be a bug/missing festure in XMail, or is it exim's fault? Or is it just because I'm using XMail 1.24 and not 25?? Ivo - To unsubscribe from this list: send the line unsubscribe xmail in the body of a message to [EMAIL PROTECTED] For general help: send the line help in the body of a message to [EMAIL PROTECTED]