Smart-Relay to external Exchange 2007

Use this forum for questions regarding adoption and functionality of OpenEMM

Moderator: moderator

west
Posts: 13
Joined: Fri Mar 23, 2007 4:54 pm

Smart-Relay to external Exchange 2007

Post by west »

Hi all,

We have setup OpenEMM5.5.0 for a period of time and works pretty well with sending mails out with relay to Exchange 2000 mail server. But after we upgrade from 2000 to 2007, mails can't be relay anymore. The openemm server sent mails out directly through the sendmail (known by the sender IP address). I have no idea why it will change to send it directly instead of using the smart-relay.

I found errors in the semu.log saying "No suitable authentication method found." But in Exchange 2007, there is already receiver that enable almost all authentication methods and allow anonymous SMTP sending.
Would you please give me some hints? Thanks a lot in advance.

Please see the following messages.

/home/openemm/conf/smart-relay

Code: Select all

192.168.1.133
After the problem, I did try

Code: Select all

-:-@192.168.1.133
and

Code: Select all

realusername:realpassword@192.168.1.133
But still failed.



Here it's the semu.log.

Code: Select all

[30.01.2009  15:14:32] 21806 DEBUG/00009D0000000009D: New entry /home/openemm/var/spool/QUEUE/qf00009D0000000009D for Mailing 157 and Customer 157
[30.01.2009  15:14:32] 21806 DEBUG/00009D0000000009D: Entry is ready to send, current trycount is 7
[30.01.2009  15:14:37] 21806 WARNING/00009D0000000009D: Retry as sent to mail-svr failed 400: "('No suitable authentication method found.',)"
[30.01.2009  15:14:37] 21806 DEBUG/00009D0000000009D: Updated qfile /home/openemm/var/spool/QUEUE/qf00009D0000000009D
[30.01.2009  15:14:37] 21806 INFO/00009D0000000009D: Softbounce 400: ('No suitable authentication method found.',)
ud
Posts: 154
Joined: Thu Aug 17, 2006 9:56 am
Location: Munich, Germany
Contact:

Post by ud »

The used module to send mails via SMTP supports (according to Python2.5) these authentication methods: CRAM-MD5, PLAIN, LOGIN. If none of these can be found at the server, your error message will be reported.

-- ud
west
Posts: 13
Joined: Fri Mar 23, 2007 4:54 pm

Post by west »

Thanks ud.

Can I specify the authentication method in openemm? Any difference in the syntax of the conf/smart-relay config file?

Is this correct for all authentication?
username:password@serverip

How can I put @ in the password field in this case?
username:p@ssword@serverip
ud
Posts: 154
Joined: Thu Aug 17, 2006 9:56 am
Location: Munich, Germany
Contact:

Post by ud »

The authentication method cannot be specified, the module (smtplib.py) looks for available authentication methods provided by the server and uses one, that it supports. If there is no match, there is no easy way to fix it.

Both of you examples to specify the authentication token are correct.

-- ud
west
Posts: 13
Joined: Fri Mar 23, 2007 4:54 pm

Post by west »

Thanks ud.

One more question, when i monitor the semu.log which says retrying to relay the mail but no authentication method. But, our customers had already receive the email which was sent by the openemm server directly. How the flow OpenEmm works? I suppose that It will relay the mails when there is entry in smart-relay config file. If it failed to relay, then send the mails by sendmail process. Is this correct?
ud
Posts: 154
Joined: Thu Aug 17, 2006 9:56 am
Location: Munich, Germany
Contact:

Post by ud »

The retry comment in the logfile is here missleading. If you have entered a hostname instaed of an IP address as the smart-relay, semu resolves all assigned IP addresses for this name and (re)tries to send the mail over the remaining IPs, if the previous delivery failed with a non permanent error. Otherwise trying the remaining IPs would be omitted.

So in your case the log just says it would try another IP, if there is one available (due to the coding it cannot easiely look ahead to see, if there is still an IP address available at this moment.)

If semu cannot deliver the mail via the smart-relay, the mail is considered as soft bounce, no other MTA is used for sending the mail anymore (this is an exclusive-or constallation, you have either semu or sendmail, but not both.)

-- ud
west
Posts: 13
Joined: Fri Mar 23, 2007 4:54 pm

Post by west »

ud wrote: If semu cannot deliver the mail via the smart-relay, the mail is considered as soft bounce, no other MTA is used for sending the mail anymore (this is an exclusive-or constallation, you have either semu or sendmail, but not both.)
Sorry for my poor English. In my understanding to your wordings, the mails won't go for sendmail even if semu failed, right? If so, what is my case which sendmail sent out mails but i did put config in smart-relay?
ud
Posts: 154
Joined: Thu Aug 17, 2006 9:56 am
Location: Munich, Germany
Contact:

Post by ud »

It may work, but it is not intended (and supported) to work. If you use semu, then you should redirect port 25 to 8025, as semu runs under user permission and is not allowed to bind to a port lower than 1024.

If you have already sendmail running, why do you not use it for OpenEMM?

-- ud
west
Posts: 13
Joined: Fri Mar 23, 2007 4:54 pm

Post by west »

ud wrote:It may work, but it is not intended (and supported) to work. If you use semu, then you should redirect port 25 to 8025, as semu runs under user permission and is not allowed to bind to a port lower than 1024.
Sorry, i can't catch what you meant. I was talking about relaying mail to an external Exchange 2007 mail server. What's the redirect port for?
If you have already sendmail running, why do you not use it for OpenEMM?
It is because of the spam reputation problem. We used different public IP addresses for OpenEMM and Exchange 2007. The problem is that we can't restructure the network configuration and neither the DNS settings. Only the IP address which Exchange server uses is matche to the MX record. Most of the email service provider spam the email which come from an unknown IP address. So the best workaround for us is to relay the mails to Exchange 2007. And OpenEMM supports this feature that shoot our requirement.

Any suggestion to me? And, any other suggestion for me to troubleshoot the problem? I am still stuck on it. Any other logs I can trace for?
Post Reply