Difference between revisions of "SMTP Auth Problems"

m
 
(12 intermediate revisions by 4 users not shown)
Line 1: Line 1:
SMTP Authentication allows POP3 and IMAP clients to send mail from [[zimbraMtaMyNetworks|arbitrary remote networks]]. If POP3 and IMAP clients are unable to send mail, check the auth settings and mail mode of the server:
+
{{BC|Community Sandbox}}
 +
__FORCETOC__
 +
<div class="col-md-12 ibox-content">
 +
=SMTP authentication problems=
 +
{{KB|{{Unsupported}}|{{ZCS 5.0}}||}}
 +
{{Archive}}{{WIP}}
 +
SMTP Authentication allows POP3 and IMAP clients to send mail from [[zimbraMtaMyNetworks|arbitrary remote networks]]. Authentication may fail if you change the zimbraMailMode server configuration attribute (with the [[CLI_zmtlsctl_to_set_Web_Server_Mode|'''zmtlsctl''']] command) or if you change the webmail access port server configuration attribute (zimbraMailPort or zimbraMailSSLPort) for the Jetty server (if you are using ZCS 4.5, this is the Tomcat server), since the zimbraMtaAuthURL is not automatically recreated. The solution is to regenerate the zimbraMtaAuthURL with the command given in step 4 below.
  
Authentication also fails if you changed the port for the tomcat server, since the zimbraMtaAuthURL is not recreated when the port is changed. Solution is to force the recreation using the command in 3 below.
+
'''''Note:''' The example commands use a Zimbra server named "zimbra.domain.com". Make sure to use your server's name, which you can find by running '''zmhostname'''.''
 +
 
 +
==Checking and Configuring SMTP Authentication on the command-line==
 +
If POP3 and IMAP clients are unable to send mail, check the auth settings and mail mode of the server:
  
 
<pre>
 
<pre>
 
$ su - zimbra
 
$ su - zimbra
$ zmprov gs zimbra.domain.com | grep Auth
+
$ zmprov getServer zimbra.domain.com | grep Auth
 
zimbraMtaAuthEnabled: TRUE
 
zimbraMtaAuthEnabled: TRUE
 
zimbraMtaAuthHost: zimbra.domain.com
 
zimbraMtaAuthHost: zimbra.domain.com
Line 11: Line 20:
 
zimbraMtaTlsAuthOnly: TRUE
 
zimbraMtaTlsAuthOnly: TRUE
  
$ zmprov gs zimbra.domain.com | grep Mode
+
$ zmprov getServer zimbra.domain.com | grep Mode
 
zimbraMailMode: mixed
 
zimbraMailMode: mixed
 
</pre>
 
</pre>
  
1. In order to use smtp authentication, '''zimbraMtaAuthEnabled''' must be set to TRUE
+
1. In order to use smtp authentication, '''zimbraMtaAuthEnabled''' must be set to TRUE. You can set that like this:
 +
<pre>
 +
zmprov modifyServer zimbra.domain.com zimbraMtaAuthEnabled TRUE
 +
</pre>
  
2. If '''zimbraMtaTlsAuthOnly''' is also TRUE, the POP3 and IMAP clients ''must'' be configured to use ssl/tls for smtp auth.
+
2. If '''zimbraMtaTlsAuthOnly''' is also TRUE, the POP3 and IMAP clients ''must'' be configured to use ssl/tls for smtp auth. Similarly, this can be set like this:
 
+
<pre>
3. In a multi-node installation, make sure that '''zimbraMtaAuthHost''' and zimbraMtaAuthURL are set to a mailbox server. If not, the command "zmprov ms zimbra.domain.com zimbraMtaAuthHost mailbox.domain.com" will set them appropriately.
+
zmprov modifyServer zimbra.domain.com zimbraMtaTlsAuthOnly TRUE
 +
</pre>
  
4. Make sure the url in the AuthURL will work with the MailMode. For example, if the AuthURL begins with "https://" (auth will be attempted over ssl) but the MailMode is "http" (tomcat is only listening on http), the authentication will fail.
+
3. In a multi-node installation, make sure that '''zimbraMtaAuthHost''' and zimbraMtaAuthURL are set to a mailbox server. If not, the following command will set them appropriately (assuming there is a mailbox node named "mailbox.domain.com"; be sure to use the zmhostname of a mailbox node in your installation).
  
If the URL is wrong (in my case it was http:// rather than https://), simply re-set the hostname like this:
+
<pre>zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost mailbox.domain.com</pre>
zmprov ms mail.mydomain.com zimbraMtaAuthHost mail.mydomain.com
 
----
 
Great advice!!! (Actually a life saviour)
 
----
 
You can use:
 
<pre>
 
$ zmprov gs <your.domain.net> | grep -i -e auth -e mode
 
</pre>
 
  
to get the info in one go. I'm not sure about the "mixed" "Mode", it's
+
4. Make sure the url in the zimbraMtaAuthURL will work with the zimbraMailMode. For example, if the MailMode is "https" or "mixed", the AuthURL must begin with "https://" (so that auth will be attempted over ssl), but if the MailMode is "http" (the mail server is only listening on http), the AuthURL must begin with "http://".
probably not so important (as long as it's either "mixed" or "https").
 
What's really magic here, is the
 
  
<pre>zmprov ms mail.mydomain.com zimbraMtaAuthHost mail.mydomain.com</pre>
+
If the URL is wrong, re-set the hostname like this in order to regenerate the AuthURL:
  
command. It means, that you MUST _do_ it to get decent SMTP authentification
+
<pre>zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost zimbra.domain.com</pre>
but only _after_ you switched the HTTP interface to accept HTTPS.
 
  
  
 +
{{Article Footer|unknown|4/27/2006}}
  
[http://www.gambling-online-theory.com/online-casino/bet-online-casino.html bet online casino]
+
[[Category:Troubleshooting MTA]]
[http://www.casinos-new.com/blackjack.html Online casino - Blackjack online]
+
[[Category:Command Line Interface]]
[http://www.gambling-online-theory.com/online-casino/bet-online-casino.html bet online casino]
+
[[Category:ZCS 5.0]]
[http://www.magical-casino.com/games_variations.html Casino Games and variations.]
+
[[Category:ZCS 4.5]]
[http://www.casinos-new.com/blackjack.html Online casino - Blackjack online]
 
[http://www.slots-wiki.com/index.php/online_slots online slots]
 
[http://www.slots-wiki.com/index.php/slots_tips slots tips]
 
[http://www.magical-casino.com/no_deposit.html Casinos with no deposit required.]
 
[http://www.gambling-online-theory.com/online-casino/bet-online-casino.html bet online casino]
 
[http://www.slots-wiki.com/index.php/slots_online slots online]
 

Latest revision as of 09:05, 13 July 2015

SMTP authentication problems

   KB 1455        Last updated on 2015-07-13  




0.00
(0 votes)

SMTP Authentication allows POP3 and IMAP clients to send mail from arbitrary remote networks. Authentication may fail if you change the zimbraMailMode server configuration attribute (with the zmtlsctl command) or if you change the webmail access port server configuration attribute (zimbraMailPort or zimbraMailSSLPort) for the Jetty server (if you are using ZCS 4.5, this is the Tomcat server), since the zimbraMtaAuthURL is not automatically recreated. The solution is to regenerate the zimbraMtaAuthURL with the command given in step 4 below.

Note: The example commands use a Zimbra server named "zimbra.domain.com". Make sure to use your server's name, which you can find by running zmhostname.

Checking and Configuring SMTP Authentication on the command-line

If POP3 and IMAP clients are unable to send mail, check the auth settings and mail mode of the server:

$ su - zimbra
$ zmprov getServer zimbra.domain.com | grep Auth
zimbraMtaAuthEnabled: TRUE
zimbraMtaAuthHost: zimbra.domain.com
zimbraMtaAuthURL: https://zimbra.domain.com:443/service/soap/
zimbraMtaTlsAuthOnly: TRUE

$ zmprov getServer zimbra.domain.com | grep Mode
zimbraMailMode: mixed

1. In order to use smtp authentication, zimbraMtaAuthEnabled must be set to TRUE. You can set that like this:

zmprov modifyServer zimbra.domain.com zimbraMtaAuthEnabled TRUE

2. If zimbraMtaTlsAuthOnly is also TRUE, the POP3 and IMAP clients must be configured to use ssl/tls for smtp auth. Similarly, this can be set like this:

zmprov modifyServer zimbra.domain.com zimbraMtaTlsAuthOnly TRUE

3. In a multi-node installation, make sure that zimbraMtaAuthHost and zimbraMtaAuthURL are set to a mailbox server. If not, the following command will set them appropriately (assuming there is a mailbox node named "mailbox.domain.com"; be sure to use the zmhostname of a mailbox node in your installation).

zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost mailbox.domain.com

4. Make sure the url in the zimbraMtaAuthURL will work with the zimbraMailMode. For example, if the MailMode is "https" or "mixed", the AuthURL must begin with "https://" (so that auth will be attempted over ssl), but if the MailMode is "http" (the mail server is only listening on http), the AuthURL must begin with "http://".

If the URL is wrong, re-set the hostname like this in order to regenerate the AuthURL:

zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost zimbra.domain.com


Verified Against: unknown Date Created: 4/27/2006
Article ID: https://wiki.zimbra.com/index.php?title=SMTP_Auth_Problems Date Modified: 2015-07-13



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search