|
Replies:
8
-
Pages:
1
-
Last Post:
Apr 24, 2006 11:57 PM
Last Post By: Torsten Grambs
|
|
|
Posts:
45
Registered:
11/25/03
|
|
|
|
SMTP AUTH issues
Posted:
Feb 27, 2006 9:58 AM
|
|
|
|
I have been struggling with trying to set up smtp_in to allow relaying from external connections as long as they authenticate themselves for awhile now with no luck. I am aware of the need to set orclpwdencryptenable=1 in OID and change passwords after. I have my smtp_in instance configured with starttls enabled and the wallet pointing to the default apache tls wallet. I have Relay Allowed set to Authenticated, have *.mydomain.com in Trusted domains and trusted sender domains, set Authentication to optional, sasl authentication enabled, etc. When I try to connect from an external network using the pine smtp client I get:
535 5.7.0 Authentication Failed
I tried this with a brand new account created after changing the orclpwdencryptenable=1 as well.
telnet localhost 25 gives:
220 server ready. Unauthorized Access Prohibited.
ehlo x
250-feta.temperagen.com Hello localhost, pleased to meet you
250-8BITMIME
250-SIZE
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH DIGEST-MD5 CRAM-MD5
250-XAUTH
250 HELP
Any ideas? Could someone who has smtp auth working tell me what different settings you have?
Thanks in advance,
Chris
|
|
|
Posts:
45
Registered:
11/25/03
|
|
|
|
Re: SMTP AUTH issues
Posted:
Mar 1, 2006 1:39 PM
in response to: cblack
|
|
|
|
I'm still having problems with this and I have no idea what is going wrong. I found a document on how to check smtp auth via a telnet session (it was in some sasl documentation) and tried that and still got an Authentication Failed.
220 server ready. Unauthorized Access Prohibited.
ehlo x
250-feta.xxx.com Hello 192.168.100.26, pleased to meet you
250-8BITMIME
250-SIZE
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
250-XAUTH
250 HELP
AUTH PLAIN dGVzdDEAdGVzdDEAdGVzdDR0ZXN0
535 5.7.0 Authentication failed
451 4.4.0 Disconnected or network error
Does anyone have SMTP AUTH working in any way?
|
|
|
Posts:
33
Registered:
07/10/00
|
|
|
|
Re: SMTP AUTH issues
Posted:
Mar 1, 2006 11:34 PM
in response to: cblack
|
|
|
|
Hi,
we have smtp_in working with authentication the way you want. Please check, if you have setup the follwoing:
- Trusted Relay Domains -> yourdomain.com
- Trusted Domains -> *.yourdomain.com
- Trusted Sender Domains -> yourdomain.com auth
That should get you going with smtp auth.
Cheers,
Stephan
|
|
|
Posts:
52
Registered:
08/12/05
|
|
|
|
Re: SMTP AUTH issues
Posted:
Mar 8, 2006 1:31 PM
in response to: sbudach
|
|
|
|
Hello Stephan, hello cblack,
it would be really interesting which client you are using.
Along with this, what SMTP_IN in loglevel 30 says. The ehlo says that you disabled plain text encryption, which should not be disabled for first tests.
cblack,
what are your detailed oid setting for smtp_in and which clients you are using ?
I personally checked out this extensively and it worked perfectly.
Best regards,
Torsten
|
|
|
Posts:
52
Registered:
08/12/05
|
|
|
|
Re: SMTP AUTH issues
Posted:
Mar 8, 2006 1:43 PM
in response to: cblack
|
|
|
|
Hello cblack,
seen that AUTH PLAIN and LOGIN are enabled.
Have you checked Metalink Note:333074.1 Secure transmission and authentication in OCS 10.1.1 EMail ?
The same is applicable for 10.1.2 ++
- Torsten
|
|
|
Posts:
45
Registered:
11/25/03
|
|
|
|
Re: SMTP AUTH issues
Posted:
Mar 8, 2006 2:17 PM
in response to: Torsten Grambs
|
|
|
|
Thanks for your reply. I have tried this with PLAIN auth as well. I have also set the orclpwdencryptionenable to 1 as described in that document and tried accounts that were created after than change in the OID had been made. I am testing using pine and telnet (creating the base64 string as described in a kb document). The server is not currently back up so I can't easily get you all the parameters. I will do so soon however.
|
|
|
Posts:
52
Registered:
08/12/05
|
|
|
|
Re: SMTP AUTH issues
Posted:
Mar 8, 2006 2:26 PM
in response to: cblack
|
|
|
|
Thanks Chris,
I had not tested using pine nor telnet, therefore really asking you to use 2 methods, Oracle Connector for Outlook and/or Mozilla Thunderbird as indicated in the previous mentioned Note. For telnet, I am not sure how to encrypt a password (except the base64 PLAIN auth), pine - I personally do not use pine.
Thanks - Torsten
|
|
|
Posts:
45
Registered:
11/25/03
|
|
|
|
Re: SMTP AUTH issues
Posted:
Apr 24, 2006 12:33 PM
in response to: Torsten Grambs
|
|
|
|
I have solved this issue with the help of a couple oracle techs working on an SR. The core issue was that the "username" used when authenticating to SMTP AUTH in order to relay is "username@domain" NOT just "username". I missed this entirely since the login for imap is just "username".
|
|
|
Posts:
52
Registered:
08/12/05
|
|
|
|
Re: SMTP AUTH issues
Posted:
Apr 24, 2006 11:57 PM
in response to: cblack
|
|
|
|
Hi Chris,
the IMAP login can be username standalone as long it's in the default domain. However, if you have more than 1 domain, "user@domain" login is required for both SMTP and IMAP.
- Torsten
|
|
|
|
Legend
|
|
Guru : 2500
- 1000000
pts
|
|
Expert : 1000
- 2499
pts
|
|
Pro : 500
- 999
pts
|
|
Journeyman : 200
- 499
pts
|
|
Newbie : 0
- 199
pts
|
|
Oracle ACE Director
|
|
Oracle ACE Member
|
|
Oracle Employee ACE
|
|
Helpful Answer
(5 pts)
|
|
Correct Answer
(10 pts)
|
|
