Mailing List Archive

Outlook AUTH + TLS on a non-standard port
This may be too obscure for a sane person's interest. But by now I'm not
only frustrated but really curious as to why this doesn't work.

I have Exim 4.02 happily servicing Outlook 2000's "outbound messages" using
both SMTP AUTH and TLS on port 25. Motivated by a friend whose ISP appears
to be blocking port 25, I tried running the same Exim config on port 23 (we
don't use telnet anyway). Then I changed the value for Outlook's outgoing
mail server port. Simple enough, right? Now I suddenly get connection
failure errors in Outlook when I try to send out mail. Nothing ever hits
my linux box (or exim's logs). Outlook just prints its generic "Account:
foo, Server: outbound, Port: 23, SSL: Yes" message but with no specific
error. Well, I think it may say something like "Socket Error: 110110" (I
just made that number up).

Interestingly enough, Outlook --> Exim works on port 23 if I disable
outbound SSL/TLS. Could Outlook have something hard-coded to port 25 for
SSL even though they give you the option to change it? Does anyone have
experience with this? I've tried running Exim on 25 and port forwarding
something else to it. But the problem consistently appears to be on the
desktop side.

Confused,
-R

--
Rick Ennis
Re: Outlook AUTH + TLS on a non-standard port
At 01:50 -0400 Rick Ennis wrote:

>Interestingly enough, Outlook --> Exim works on port 23 if I disable
>outbound SSL/TLS. Could Outlook have something hard-coded to port 25 for
>SSL even though they give you the option to change it? Does anyone have
>experience with this? I've tried running Exim on 25 and port forwarding
>something else to it. But the problem consistently appears to be on the
>desktop side.

This is little more than a guess, but it may be the difference between
SMTP STARTTLS and "ssmtp", the kind of thing Exim can do when wrapped in
an stunnel (though remember to require SMTP in this case).

You could try the stunnel listening on port 465. Or maybe try tcp/587
which is the "submission" port. Maybe, just maybe, Outlook will talk
"real" SMTP to 587.

Matt
Re: Outlook AUTH + TLS on a non-standard port
At 13:33 +0100 Matt Bernstein wrote:

>This is little more than a guess, but it may be the difference between
>SMTP STARTTLS and "ssmtp", the kind of thing Exim can do when wrapped in
>an stunnel (though remember to require SMTP in this case).

Of course I meant SMTP AUTH; I'm too tired to think today :-/
Re: Outlook AUTH + TLS on a non-standard port
Aha! Excellent! My first thought on seeing your message was "thank god
someone else has seen this." And now after perusing it and trying to
implement everything, it works beautifully! Thank you for explaining
all that. Searching the Exim docs (and list) I can't figure out how to
configure the SMTPS part. So I just went with stunnel like you
suggested. Works like a charm. Thanks again! Finally I can stop
pounding my head against this one!

Rick


James P. Roberts wrote:
> Rick:
>
> This was just one of the many things that broke the camel in my frontal
> lobe.
>
> Outlook with SSL checkbox enabled will respond correctly to STARTTLS
> when it is sending to port 25. On any other port, as far as I know, it
> will instead expect SMTPS protocol. So, what I do is, I run Stunnel on
> port 465, with the "-n smtp" flag set, and redirect to my port 25.
> Stunnel handles the encryption stuff and forwards everything
> (unencrypted) to Exim on port 25. The SMTP AUTH then occurs over the
> encrypted Stunnel channel. This happens with Outlook Express, also.
>
> If you do this, make sure you require SMTP AUTH from the local machine,
> also, since Stunnel makes it look to Exim like the connection is local
> (if Stunnel is running on the local machine).
>
> They tell me that Exim 4.04 handles SMTPS protocol, but unfortunately,
> you have to use it on all ports, or no ports. So, since I'd already
> found the Stunnel solution, I stuck with it, instead of creating a
> second instance of Exim listening on port 465 with SMTPS stuff enabled.
>
> In my case, it was a customer trying to send email while logged in via
> AOL, which hijacks all connections to any port 25 (from their
> customers), to their own email servers' port 25. arrrrrrgh.
>
> Jim Roberts
> Punster Productions, Inc.
> www.punsterproductions.com


--
Rick Ennis
ennis@egwpartners.com
mobile: 617-899-0744
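
The STARTTLS versus SMTPS distinction described in the quoted explanation above can be checked from the network side: a STARTTLS listener greets in cleartext and advertises the upgrade, while an SMTPS-style listener stays silent until the client starts TLS. The following is an added example, not code from anyone in this thread; the function names and the sample replies are constructed for illustration.

```python
import socket

def ehlo_keywords(reply: bytes) -> set:
    """Extension keywords from an EHLO reply; the first line is only the greeting."""
    words = set()
    for line in reply.decode("ascii", "replace").splitlines()[1:]:
        parts = line[4:].split()
        if line.startswith("250") and parts:
            words.add(parts[0].upper())
    return words

def classify_listener(banner, ehlo_reply=b""):
    """banner is None when the server stayed silent after the TCP connect."""
    if banner is None:
        # Consistent with an SMTPS-style port waiting for a TLS ClientHello
        # (a deliberately delayed banner would look the same).
        return "implicit-tls"
    if not banner.startswith(b"220"):
        return "not-smtp"
    if "STARTTLS" in ehlo_keywords(ehlo_reply):
        return "starttls"        # cleartext greeting, TLS upgrade on request
    return "plaintext-only"      # no TLS offered: AUTH would cross in the clear

def _read_reply(sock):
    """Read one complete, possibly multi-line, SMTP reply."""
    buf = b""
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            return buf
        buf += chunk
        last = buf.rstrip(b"\r\n").split(b"\r\n")[-1]
        if buf.endswith(b"\r\n") and last[3:4] == b" ":
            return buf

def probe(host, port, timeout=5.0):
    """Connect to a listener you administer and report which convention it follows."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        try:
            banner = _read_reply(sock)
        except socket.timeout:
            return classify_listener(None)
        if not banner.startswith(b"220"):
            return classify_listener(banner)
        sock.sendall(b"EHLO probe.invalid\r\n")
        return classify_listener(banner, _read_reply(sock))

# Constructed sample replies (not captured from a real server).
SAMPLE_BANNER = b"220 mail.example.test ESMTP\r\n"
SAMPLE_EHLO = (b"250-mail.example.test Hello\r\n250-SIZE 52428800\r\n"
               b"250-STARTTLS\r\n250 HELP\r\n")
```

Running `probe()` against both the plain listener and the tunnelled port shows whether a client set to "SSL: Yes" and the server agree on who speaks first.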
Re: Outlook AUTH + TLS on a non-standard port
Hello, I don't have experience with SSL, but I have dealt extensively with AOL and other ISPs hijacking port 25. My experience has been that all ports below 1024 are hijacked at one point or another, with the exclusion of 110.

I got around this by using a port above 30,000. Please let me know if this helps.
Re: Outlook AUTH + TLS on a non-standard port
Actually port 465 worked for me. I guess I got lucky in this particular
ISP only having an issue with 25. ...and with Outlook only considering
25 "special."

Thanks though.


Father Peter Darin wrote:

>Hello, I don't have experience with SSL, but I have dealt extensively with AOL and other ISPs hijacking port 25. My experience has been that all ports below 1024 are hijacked at one point or another, with the exclusion of 110.
>
>I got around this by using a port above 30,000. Please let me know if this helps.