Hi All,
I am having some issues getting outbound SMTP working.
My ISP blocks port 25 both ways except for their servers and they also don't allow relaying through their servers.
I use the dyn.com Mailhop and SMTP relaying services to get around these issues.
I have inbound mail working fine but outbound is still causing me issues.
My outbound mail ends up in the "deferred" queue because the messages get the following error: "Oct 5 06:59:59 phantom postfix/smtp[31834]: send attr reason = conversation with outbound.mailhop.org[204.13.248.72] timed out while receiving the initial server greeting"
I can telnet to outbound.mailhop.org on 465 and get a connection BUT I don't get any response to my EHLO command.. it just closes the connection.
Any thoughts on how to troubleshoot this further ?
Regards
Chris
Issues with outbound SMTP
-
Krishopper
- Outstanding Member
- Posts: 769
- Joined: Fri Sep 12, 2014 10:23 pm
Issues with outbound SMTP
outbound.mailhop.org on port 465 uses SSL, and Zimbra's postfix doesn't account for that in a relay.
I believe you may find information on how to tweak it to use SSL with the relay in the wiki.
I believe you may find information on how to tweak it to use SSL with the relay in the wiki.
Issues with outbound SMTP
I am configured to use SSL/TLS and have followed the link you provided prior to posting this.
Thanks for the suggestion though.
If TLS was not enabled, I would get the "no suitable mech available" error I believe.
Instead I just get no response.
Regards,
Chris
Thanks for the suggestion though.
If TLS was not enabled, I would get the "no suitable mech available" error I believe.
Instead I just get no response.
Regards,
Chris
Issues with outbound SMTP
Based on what I've seen so far, it sounds like you're talking "in the clear" when you need to be on an ssl/tls channel instead. So, instead of:
$ telnet outbound.mailhop.org 465
you would want to try:
$ openssl s_client -connect outbound.mailhop.org:465
Then use your HELO/EHLO to get a response from the server. But then you need to make sure postfix is talking smtps instead of smtp (and then wanting to STARTTLS). Here are some useful references for this:
Postfix SASL Howto
Postfix TLS Support
Via that first link, you'll find the following statement (which leads you toward the second link provided above):
[QUOTE]The Postfix SMTP client does not support the obsolete "wrappermode" protocol, which uses TCP port 465 on the SMTP server. See TLS_README for a solution that uses the stunnel command.[/QUOTE]
So if you do this, you'll setup [URL=stunnel[/URL] as described in the second link and then tell postfix to route email through that tunnel.
$ telnet outbound.mailhop.org 465
you would want to try:
$ openssl s_client -connect outbound.mailhop.org:465
Then use your HELO/EHLO to get a response from the server. But then you need to make sure postfix is talking smtps instead of smtp (and then wanting to STARTTLS). Here are some useful references for this:
Postfix SASL Howto
Postfix TLS Support
Via that first link, you'll find the following statement (which leads you toward the second link provided above):
[QUOTE]The Postfix SMTP client does not support the obsolete "wrappermode" protocol, which uses TCP port 465 on the SMTP server. See TLS_README for a solution that uses the stunnel command.[/QUOTE]
So if you do this, you'll setup [URL=stunnel[/URL] as described in the second link and then tell postfix to route email through that tunnel.