SMTP Auth Problems: Difference between revisions

(Adding category)
m (clarifying)
Line 1: Line 1:
''Note: The example commands use a zimbra server named "zimbra.domain.com". Make sure to use your server's name, which you can find by running '''zmhostname'''.''
==Checking and Configuring SMTP Authentication on the command-line==
==Checking and Configuring SMTP Authentication on the command-line==


Line 7: Line 9:
<pre>
<pre>
$ su - zimbra
$ su - zimbra
$ zmprov gs zimbra.domain.com | grep Auth
$ zmprov getServer zimbra.domain.com | grep Auth
zimbraMtaAuthEnabled: TRUE
zimbraMtaAuthEnabled: TRUE
zimbraMtaAuthHost: zimbra.domain.com
zimbraMtaAuthHost: zimbra.domain.com
Line 13: Line 15:
zimbraMtaTlsAuthOnly: TRUE
zimbraMtaTlsAuthOnly: TRUE


$ zmprov gs zimbra.domain.com | grep Mode
$ zmprov getServer zimbra.domain.com | grep Mode
zimbraMailMode: mixed
zimbraMailMode: mixed
</pre>
</pre>


1. In order to use smtp authentication, '''zimbraMtaAuthEnabled''' must be set to TRUE
1. In order to use smtp authentication, '''zimbraMtaAuthEnabled''' must be set to TRUE. You can set that like this:
<pre>
zmprov modifyServer zimbra.domain.com zimbraMtaAuthEnabled TRUE
</pre>


2. If '''zimbraMtaTlsAuthOnly''' is also TRUE, the POP3 and IMAP clients ''must'' be configured to use ssl/tls for smtp auth.
2. If '''zimbraMtaTlsAuthOnly''' is also TRUE, the POP3 and IMAP clients ''must'' be configured to use ssl/tls for smtp auth. Similarly, this can be set like this:
<pre>
zmprov modifyServer zimbra.domain.com zimbraMtaTlsAuthOnly TRUE
</pre>


3. In a multi-node installation, make sure that '''zimbraMtaAuthHost''' and zimbraMtaAuthURL are set to a mailbox server. If not, the following command will set them appropriately.
3. In a multi-node installation, make sure that '''zimbraMtaAuthHost''' and zimbraMtaAuthURL are set to a mailbox server. If not, the following command will set them appropriately (assuming there is a mailbox node named "mailbox.domain.com"; be sure to use the zmhostname of a mailbox node in your installation).


<pre>zmprov ms zimbra.domain.com zimbraMtaAuthHost mailbox.domain.com</pre>
<pre>zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost mailbox.domain.com</pre>


4. Make sure the url in the zimbraMtaAuthURL will work with the zimbraMailMode. For example, if the MailMode is "https" or "mixed", the AuthURL must begin with "https://" (so that auth will be attempted over ssl), but if the MailMode is "http" (tomcat is only listening on http), the AuthURL must begin with "http://".
4. Make sure the url in the zimbraMtaAuthURL will work with the zimbraMailMode. For example, if the MailMode is "https" or "mixed", the AuthURL must begin with "https://" (so that auth will be attempted over ssl), but if the MailMode is "http" (tomcat is only listening on http), the AuthURL must begin with "http://".
Line 29: Line 37:
If the URL is wrong, re-set the hostname like this in order to regenerate the AuthURL:
If the URL is wrong, re-set the hostname like this in order to regenerate the AuthURL:


<pre>zmprov ms zimbra.domain.com zimbraMtaAuthHost zimbra.domain.com</pre>
<pre>zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost zimbra.domain.com</pre>


[[Category:MTA]]
[[Category:MTA]]
[[Category:Troubleshooting]]
[[Category:Troubleshooting]]

Revision as of 01:15, 2 May 2008

Note: The example commands use a zimbra server named "zimbra.domain.com". Make sure to use your server's name, which you can find by running zmhostname.

Checking and Configuring SMTP Authentication on the command-line

SMTP Authentication allows POP3 and IMAP clients to send mail from arbitrary remote networks. Authentication may fail if you change the zimbraMailMode server configuration attribute (with the zmtlsctl command) or if you change the webmail access port server configuration attribute (zimbraMailPort or zimbraMailSSLPort) for the tomcat server, since the zimbraMtaAuthURL is not automatically recreated. The solution is to regenerate the zimbraMtaAuthURL with the command given in step 4 below.

If POP3 and IMAP clients are unable to send mail, check the auth settings and mail mode of the server:

$ su - zimbra
$ zmprov getServer zimbra.domain.com | grep Auth
zimbraMtaAuthEnabled: TRUE
zimbraMtaAuthHost: zimbra.domain.com
zimbraMtaAuthURL: https://zimbra.domain.com:443/service/soap/
zimbraMtaTlsAuthOnly: TRUE

$ zmprov getServer zimbra.domain.com | grep Mode
zimbraMailMode: mixed

1. In order to use smtp authentication, zimbraMtaAuthEnabled must be set to TRUE. You can set that like this:

zmprov modifyServer zimbra.domain.com zimbraMtaAuthEnabled TRUE

2. If zimbraMtaTlsAuthOnly is also TRUE, the POP3 and IMAP clients must be configured to use ssl/tls for smtp auth. Similarly, this can be set like this:

zmprov modifyServer zimbra.domain.com zimbraMtaTlsAuthOnly TRUE

3. In a multi-node installation, make sure that zimbraMtaAuthHost and zimbraMtaAuthURL are set to a mailbox server. If not, the following command will set them appropriately (assuming there is a mailbox node named "mailbox.domain.com"; be sure to use the zmhostname of a mailbox node in your installation).

zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost mailbox.domain.com

4. Make sure the url in the zimbraMtaAuthURL will work with the zimbraMailMode. For example, if the MailMode is "https" or "mixed", the AuthURL must begin with "https://" (so that auth will be attempted over ssl), but if the MailMode is "http" (tomcat is only listening on http), the AuthURL must begin with "http://".

If the URL is wrong, re-set the hostname like this in order to regenerate the AuthURL:

zmprov modifyServer zimbra.domain.com zimbraMtaAuthHost zimbra.domain.com
Jump to: navigation, search