| Groups | Blog | Home |
iis smtp nntp : Urgent help needed! smtp;501 local user must be authenticated at f
I am working with a web site that uses CDONTS from a function in a Com+ component to send mail to clients after sign up etc, as well as sending clients mail to support from a web form. A virtual default SMTP server is running in !!S (6.0) We have moved the system to a new server (Windows 2003 Server as the previous installation) and the mail worked fine a few days. Now we cannot send any mail from the system. SMTP is not my speciality, I am working with the databases and system design, so I desperately need help to get this working. The settings are as follow: The server (name "global") is set up as a member of Workgroup, not part of any domain or active directory. In SMTP Virtual server: Access > Authentication: Anonymous access Access > Connection: All computers Access > Relay: The IP address for global and also checked "Allow all computers which successfully authenticate..." Delivery > Advanced > Fully qualified domain name: global Delivery > Advanced > Smart Host:[IP address to our mail server] At first all e-mail were found in the queue folder. After setting up the ip for our mail server (from EmailArchitect) as Smart Host all mail disappeared from the queue, but we get a reply on each mail; From: postmaster@global, Subject: Delivery Status Notification (Failure) Body: "Delivery to the following recipients failed..." The error in the attachment is like: Reporting-MTA: dns;global Received-From-MTA: dns;global Arrival-Date: Tue, 12 Jun 2007 11:37:26 +0200 Final-Recipient: rfc822;lage@hotmail.com Action: failed Status: 5.5.0 Diagnostic-Code: smtp;501 local user must be authenticated at first. I am grateful for any help. This is an online running web site... I have searched on Google and Microsoft, but cannot find relevant information about this error message.
[quoted text, click to view]
> At first all e-mail were found in the queue folder. After setting up t= he =[quoted text, click to view] > ip > for our mail server (from EmailArchitect) as Smart Host all mail = > disappeared > from the queue That points to a DNS issue. To troubleshoot SMTP, you have to understan= d = DNS, as the two are tightly linked on the public net. What is the IP address(es) of the DNS servers used by your mail server = (Control Panel-Network-TCP/IP). Are they both accessible from the = server? Can they both resolve MX records for remote domains? Run = 'nslookup -q=3Dmx google.com <DNS server IP>' for both servers from a = command prompt and post results. Also, 'global' is not an acceptable FQDN: you want to use the true, = publicly resolvable hostname + domain of the machine. However, while so= me = servers will block or suspect your mail because of this error, it is not= = responsible for your widespread delivery problems.
[quoted text, click to view]
> Delivery > Advanced > Smart Host:[IP address to our mail server] Eh... you don't put the server's own IP as the Smart Host. That's creating a mail loop. SH is used when you want to defer to another server for remote delivery. Deferring to yourself means the mail will never leave.
Hi Sandy,
Thank you very much for your help! I forwarded your answer to our tecnician who works with the servers. Your suggestions were of great value. I changed the FQDN at smart host setting from the local computer name to the FQDN of the mail server. Even though the mail server is on another machine, this seem to work fine. I thought you had to set the FQDN of the machine with the Virtual SMTP Server you send mail from, but at least in this case it works. Regarding the authentication error, do you know if it's possible to send user name and password to the mail server by using the Outbound Security setting in Virtual SMTP Server? I made a try, but the e-mails did then stayed in the queue folder. So I changed back to anonymous. With kind regards Lage [quoted text, click to view] "Sanford Whiteman" wrote:
> > At first all e-mail were found in the queue folder. After setting up the > > ip > > for our mail server (from EmailArchitect) as Smart Host all mail > > disappeared > > from the queue > > That points to a DNS issue. To troubleshoot SMTP, you have to understand > DNS, as the two are tightly linked on the public net. > > What is the IP address(es) of the DNS servers used by your mail server > (Control Panel-Network-TCP/IP). Are they both accessible from the > server? Can they both resolve MX records for remote domains? Run > 'nslookup -q=mx google.com <DNS server IP>' for both servers from a > command prompt and post results. > > Also, 'global' is not an acceptable FQDN: you want to use the true, > publicly resolvable hostname + domain of the machine. However, while some > servers will block or suspect your mail because of this error, it is not > responsible for your widespread delivery problems. > > --Sandy
[quoted text, click to view]
> I changed the FQDN at smart host setting from the local computer > name to the FQDN of the mail server. Even though the mail server is > on another machine, this seem to work fine. I thought you had to set > the FQDN of the machine with the Virtual SMTP Server you send mail > from, but at least in this case it works. I think you're confusing two different settings. The smart host should point to the IP address (in square brackets, e.g. [1.2.3.4]) or the hostname of an upstream server that will be performing remote delivery for you. You would _only_ fill in this box if a smart host is in use. Typically, you would use a smart host if (a) the local server is not shown properly on the public Net, i.e. it doesn't have a PTR entry and can't pass a PTR-A-IP roundtrip test; (b) the local server is not allowed to communicate to the outside world on TCP port 25 due to local or ISP firewall rules; (c) the local server is too busy with other tasks, such as web serving, to double as a direct-delivery SMTP box; (d) the smart host is more powerful and capable of servicing a larger queue and daily traffic load; (e) to offload a lengthy retry cycle to a secondary server, with "attempt direct delivery first" checked; or (f) to consolidate logs on a restricted set of outbound servers. The FQDN is the full hostname of the local server's "most public" IP address as seen by the next SMTP hop. If the local server is performing direct delivery, the FQDN must be publicly resolvable back to the machine's public IP, and should also match the PTR for that IP. Even if the local server is not performing direct delivery -- using a smart host instead -- the FQDN must be the hostname of the local server as seen from the smart host's perspective. Obviously, if you are performing direct delivery, you must have a public FQDN that's under a registered and published DNS domain. If you are using a smart host, it is possible to have an FQDN that is only privately resolvable, perhaps using a TLD like .lan or .local, as long as the smart host can still resolve names within that domain. [quoted text, click to view] > Regarding the authentication error, do you know if it's possible to > send user name and password to the mail server by using the Outbound > Security setting in Virtual SMTP Server? Of course, if your web application supports authentication. It is possible that CDONTS doesn't (I haven't used it in so long, since it was superseded by CDOSYS). However, as long as your machine doesn't allow _relaying_ to any server that connects to it, it's okay to allow relay by a short list of specific source IPs in addition to allowing relay by once a user authenticates. The issues with relay-by-IP are in security auditing (you can have multiple applications running on the same source IP, as in hosting environments, and you won't know which one submitted a piece of mail unless you dole out usernames/passwords to each), in management (manually inputting and maintaining a huge list of IPs is painful, and in supporting roaming users (where you cannot know the source IP).
Don't see what you're looking for? Try a search.
|
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |