Problems getting Gmail to use my SMTP server rather than theirs

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Problems getting Gmail to use my SMTP server rather than theirs

Rob Tanner
Problems getting Gmail to use my SMTP server rather than theirs If you’re familiar with email, you know you can add “Send mail as” identities and when you setup a second identity, you have the option of using Gmail’s SMTP server or the SMTP server for the domain to which the “send as” identity belongs. My problem is I can’t get it to work.  The error I get is:

      Authentication failed. Please check your username/password.
     [Server response: Remote server does not support TLS code(500) ]

TLS is enabled on port 25 of our server and it has a regular Thawte certificate behind it.  Tests with Thunderbird using PLAIN authentication (SASL method) work perfectly.  From our point of view, all we really want to protect in any SMTP transaction are the user credentials (uid/passwd) and what we are doing is currently sufficient.  Google, on the other hand is doing something different or expecting something different and I have no idea what.  If you are successfully using a similar setup with Gmail, could you please pass on your wisdom.

Thanks,
Rob



Rob Tanner
UNIX Services Manager
Linfield College, McMinnville Oregon



Reply | Threaded
Open this post in threaded view
|

Re: Problems getting Gmail to use my SMTP server rather than theirs

Jorge Armando Medina-2
Rob Tanner wrote:

> If you’re familiar with email, you know you can add “Send mail as”
> identities and when you setup a second identity, you have the option
> of using Gmail’s SMTP server or the SMTP server for the domain to
> which the “send as” identity belongs. My problem is I can’t get it to
> work.  The error I get is:
>
>       *Authentication failed. Please check your username/password.
>      [Server response: Remote server does not support TLS code(500) ]
> *
> TLS is enabled on port 25 of our server and it has a regular Thawte
> certificate behind it.  Tests with Thunderbird using PLAIN
> authentication (SASL method) work perfectly.  From our point of view,
> all we really want to protect in any SMTP transaction are the user
> credentials (uid/passwd) and what we are doing is currently
> sufficient.  Google, on the other hand is doing something different or
> expecting something different and I have no idea what.  If you are
> successfully using a similar setup with Gmail, could you please pass
> on your wisdom.
Watch your postfix logs and start debugging when gmail tries to
authenticate against your server....

>
> Thanks,
> Rob
>
>
>
> *Rob Tanner
> *UNIX Services Manager
> Linfield College, McMinnville Oregon
>
>
>

--
Jorge Armando Medina
Computación Gráfica de México
Web: http://www.e-compugraf.com
Tel: 55 51 40 72, Ext: 124
Email: [hidden email]
GPG Key: 1024D/28E40632 2007-07-26
GPG Fingerprint: 59E2 0C7C F128 B550 B3A6  D3AF C574 8422 28E4 0632



signature.asc (268 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Problems getting Gmail to use my SMTP server rather than theirs

Rob Tanner

On 2/10/10 4:40 PM, "Jorge Armando Medina" <[hidden email]> wrote:

> Rob Tanner wrote:
>> If you¹re familiar with email, you know you can add ³Send mail as²
>> identities and when you setup a second identity, you have the option
>> of using Gmail¹s SMTP server or the SMTP server for the domain to
>> which the ³send as² identity belongs. My problem is I can¹t get it to
>> work.  The error I get is:
>>
>>       *Authentication failed. Please check your username/password.
>>      [Server response: Remote server does not support TLS code(500) ]
>> *
>> TLS is enabled on port 25 of our server and it has a regular Thawte
>> certificate behind it.  Tests with Thunderbird using PLAIN
>> authentication (SASL method) work perfectly.  From our point of view,
>> all we really want to protect in any SMTP transaction are the user
>> credentials (uid/passwd) and what we are doing is currently
>> sufficient.  Google, on the other hand is doing something different or
>> expecting something different and I have no idea what.  If you are
>> successfully using a similar setup with Gmail, could you please pass
>> on your wisdom.
> Watch your postfix logs and start debugging when gmail tries to
> authenticate against your server....

The problem is the log files are rather large (a quarter million lines since
the 4 am roll this morning, and there are lots of google entries.  In other
words I've already spent time just trying to find the entries.  Any idea
about particular keywords that I might look for?
.

>>
>> Thanks,
>> Rob
>>
>>
>>
>> *Rob Tanner
>> *UNIX Services Manager
>> Linfield College, McMinnville Oregon
>>
>>
>>
>

Reply | Threaded
Open this post in threaded view
|

Re: Problems getting Gmail to use my SMTP server rather than theirs

Barney Desmond
On 11 February 2010 11:54, Rob Tanner <[hidden email]> wrote:
> The problem is the log files are rather large (a quarter million lines since
> the 4 am roll this morning, and there are lots of google entries.  In other
> words I've already spent time just trying to find the entries.  Any idea
> about particular keywords that I might look for?

Not really, but I'd be inclined to capture a chunk of the logs while
you manually fire off a message from gmail that should go via your
server (I think I'm reading this correctly). I don't know what the
error messages might look like, perhaps "TLS" appears in there.

Now, I've not used this gmail feature, but perhaps it's connecting to
port 587 instead? Do you have the submission port setup, and if so,
what settings/restrictions does it have?
Reply | Threaded
Open this post in threaded view
|

Re: Problems getting Gmail to use my SMTP server rather than theirs

Michael Saldivar
In reply to this post by Rob Tanner
On Wed, Feb 10, 2010 at 5:54 PM, Rob Tanner <[hidden email]> wrote:
>> TLS is enabled on port 25 of our server and it has a regular Thawte
>> certificate behind it.  Tests with Thunderbird using PLAIN
>> authentication (SASL method) work perfectly.  From our point of view,
>> all we really want to protect in any SMTP transaction are the user
>> credentials (uid/passwd) and what we are doing is currently
>> sufficient.  Google, on the other hand is doing something different or
>> expecting something different and I have no idea what.  If you are
>> successfully using a similar setup with Gmail, could you please pass
>> on your wisdom.
> Watch your postfix logs and start debugging when gmail tries to
> authenticate against your server....

The problem is the log files are rather large (a quarter million lines since
the 4 am roll this morning, and there are lots of google entries.  In other
words I've already spent time just trying to find the entries.  Any idea
about particular keywords that I might look for?
.
>>
>> Thanks,
>> Rob



An easy way to watch is to tail -f the logfile, tell Gmail to send a message, and then watch the log scroll past.  You will see the authorization attempt and your server's response.

Also, in your Gmail account, check the submission port.  There's a drop down list from which you can choose 25, 465, and 587; it defaults to 587.
 

--
Mike Saldivar
Direct Financial Solutions
Information Systems Manager
Desk: 435-774-8252
Cell: 435-881-3778
Reply | Threaded
Open this post in threaded view
|

Re: Problems getting Gmail to use my SMTP server rather than theirs

Noel Jones-2
On 2/12/2010 11:21 AM, Michael Saldivar wrote:

> On Wed, Feb 10, 2010 at 5:54 PM, Rob Tanner <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>      >> TLS is enabled on port 25 of our server and it has a regular Thawte
>      >> certificate behind it.  Tests with Thunderbird using PLAIN
>      >> authentication (SASL method) work perfectly.  From our point of
>     view,
>      >> all we really want to protect in any SMTP transaction are the user
>      >> credentials (uid/passwd) and what we are doing is currently
>      >> sufficient.  Google, on the other hand is doing something
>     different or
>      >> expecting something different and I have no idea what.  If you are
>      >> successfully using a similar setup with Gmail, could you please pass
>      >> on your wisdom.
>      > Watch your postfix logs and start debugging when gmail tries to
>      > authenticate against your server....
>
>     The problem is the log files are rather large (a quarter million
>     lines since
>     the 4 am roll this morning, and there are lots of google entries.
>       In other
>     words I've already spent time just trying to find the entries.  Any idea
>     about particular keywords that I might look for?
>     .
>      >>
>      >> Thanks,
>      >> Rob
>
>
>
> An easy way to watch is to tail -f the logfile, tell Gmail to send a
> message, and then watch the log scroll past.  You will see the
> authorization attempt and your server's response.
>
> Also, in your Gmail account, check the submission port.  There's a drop
> down list from which you can choose 25, 465, and 587; it defaults to 587.

And another great trick for finding stuff in your logs is to
tag submission entries with a different syslog_name.

# master.cf
submission ... smtpd
   -o syslog_name=postfix-submission
   ...

http://www.postfix.org/postconf.5.html#syslog_name


   -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Problems getting Gmail to use my SMTP server rather than theirs

Rob Tanner
Found a far superior solution. The problem that the powers that be thought
it would fix, it wouldn't fix anyway.  I finally convinced them of that and
so that's the end of that.

Nevertheless, thanks to all who replied.

-- Rob




On 2/12/10 9:30 AM, "Noel Jones" <[hidden email]> wrote:

> On 2/12/2010 11:21 AM, Michael Saldivar wrote:
>> On Wed, Feb 10, 2010 at 5:54 PM, Rob Tanner <[hidden email]
>> <mailto:[hidden email]>> wrote:
>>
>>>> TLS is enabled on port 25 of our server and it has a regular Thawte
>>>> certificate behind it.  Tests with Thunderbird using PLAIN
>>>> authentication (SASL method) work perfectly.  From our point of
>>     view,
>>>> all we really want to protect in any SMTP transaction are the user
>>>> credentials (uid/passwd) and what we are doing is currently
>>>> sufficient.  Google, on the other hand is doing something
>>     different or
>>>> expecting something different and I have no idea what.  If you are
>>>> successfully using a similar setup with Gmail, could you please pass
>>>> on your wisdom.
>>> Watch your postfix logs and start debugging when gmail tries to
>>> authenticate against your server....
>>
>>     The problem is the log files are rather large (a quarter million
>>     lines since
>>     the 4 am roll this morning, and there are lots of google entries.
>>       In other
>>     words I've already spent time just trying to find the entries.  Any idea
>>     about particular keywords that I might look for?
>>     .
>>>>
>>>> Thanks,
>>>> Rob
>>
>>
>>
>> An easy way to watch is to tail -f the logfile, tell Gmail to send a
>> message, and then watch the log scroll past.  You will see the
>> authorization attempt and your server's response.
>>
>> Also, in your Gmail account, check the submission port.  There's a drop
>> down list from which you can choose 25, 465, and 587; it defaults to 587.
>
> And another great trick for finding stuff in your logs is to
> tag submission entries with a different syslog_name.
>
> # master.cf
> submission ... smtpd
>    -o syslog_name=postfix-submission
>    ...
>
> http://www.postfix.org/postconf.5.html#syslog_name
>
>
>    -- Noel Jones