SMTP Auth Problems

Revision as of 03:18, 30 November 2006 by Bobby (talk | contribs)

Checking and Configuring SMTP Authentication on the command-line

SMTP Authentication allows POP3 and IMAP clients to send mail from arbitrary remote networks. Authentication may fail if you change the zimbraMailMode server configuration attribute (with the zmtlsctl command) or if you change the webmail access port server configuration attribute (zimbraMailPort or zimbraMailSSLPort) for the tomcat server, since the zimbraMtaAuthURL is not automatically recreated. The solution is to regenerate the zimbraMtaAuthURL with the command given in step 4 below.

If POP3 and IMAP clients are unable to send mail, check the auth settings and mail mode of the server:

$ su - zimbra
$ zmprov gs zimbra.domain.com | grep Auth
zimbraMtaAuthEnabled: TRUE
zimbraMtaAuthHost: zimbra.domain.com
zimbraMtaAuthURL: https://zimbra.domain.com:443/service/soap/
zimbraMtaTlsAuthOnly: TRUE

$ zmprov gs zimbra.domain.com | grep Mode
zimbraMailMode: mixed

1. In order to use smtp authentication, zimbraMtaAuthEnabled must be set to TRUE

2. If zimbraMtaTlsAuthOnly is also TRUE, the POP3 and IMAP clients must be configured to use ssl/tls for smtp auth.

3. In a multi-node installation, make sure that zimbraMtaAuthHost and zimbraMtaAuthURL are set to a mailbox server. If not, the following command will set them appropriately.

zmprov ms zimbra.domain.com zimbraMtaAuthHost mailbox.domain.com

4. Make sure the url in the AuthURL will work with the MailMode. For example, if the AuthURL begins with "https://" (auth will be attempted over ssl) but the MailMode is "http" (tomcat is only listening on http), the authentication will fail.

If the URL is wrong (in my case it was http:// rather than https:// ), simply re-set the hostname like this:

zmprov ms zimbra.domain.com zimbraMtaAuthHost zimbra.domain.com
Jump to: navigation, search