Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RE: SMTP authentication not working with POP3 email accounts

0 views
Skip to first unread message

Jeff Thibodeau [MS]

unread,
Jul 16, 2004, 3:56:21 PM7/16/04
to
Hi Darrell,

From the Exchange server use telnet and open a connection to itself on port
25. Type EHLO and view the list of verbs. Makes sure Exchange is
advertising the Auth verb.
Do the same from an external client to see if a firewall might be proxying
the SMTP commands.

If the internal test does not show the Auth commands check out
http://support.microsoft.com/default.aspx?scid=KB;EN-US;257569
If the internal testing is good and the external is not check into your
filewall settings to make sure SMTP is being passed through the firewall
and not using a proxy type tool.

I hope this helps.


Jeff Thibodeau
Microsoft
--
Get Secure! - www.microsoft.com/security
--
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
==========================================================

--------------------
Thread-Topic: SMTP authentication not working with POP3 email accounts
thread-index: AcRqIreFecLzeaqlS7+co/nshWY63g==
X-WBNR-Posting-Host: 65.85.207.50
From: "=?Utf-8?B?RGFycmVsbA==?=" <Dar...@discussions.microsoft.com>
Subject: SMTP authentication not working with POP3 email accounts
Date: Wed, 14 Jul 2004 21:18:01 -0700
Lines: 7
Message-ID: <A40F0747-5773-4400...@microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.exchange2000.protocols
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 127.0.0.1
Path: cpmsftngxa06.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
Xref: cpmsftngxa06.phx.gbl microsoft.public.exchange2000.protocols:7431
X-Tomcat-NG: microsoft.public.exchange2000.protocols

I have an Exch2k Post SP3 rollup level server that is enabled for POP3
service to roaming laptops. The Virtual SMTP server is configured not to
relay mail and is set to relay for authenticated users. I cannot send email
through my SMTP connector from any external address - it seems the Outlook
XP client is not authenticating with the SMTP server even though the client
is configured to do so.

I can assign the external IP address of the client in the Virtual SMTP
server and it will relay (however laptop will float to many different IP
addresses-won't work). I can open the relay channel to everyone and it will
relay (however SMTP queue fills up immediately with relayers-unacceptable).
I have configured the Virtual SMTP Server to not allow anonymous access
(trying to force the SMTP connection to authenticate) and the a 1709 error
reports saying SMTP client did not authenticate before sending mail. Access
denied.
I believe the issue is the client is not able to authenticate (or even
trying to authenticate) with the SMTP server. Client is setup to require
SMTP authentication. I've tried different user/pass combinations to access.
No event log is reported for incorrect credentials for any combination.

Please help. Thanks in advance to your help.
Darrell

Darrell

unread,
Jul 20, 2004, 1:38:02 PM7/20/04
to
The problem was in the Cisco 1721 router which had ip inspect smtp enabled and according to Cisco it cannot handle esmtp. After removing entry I was able to authenticate SMTP externally.

Thanks for the hint.

abatie

unread,
Dec 5, 2007, 4:36:04 PM12/5/07
to

"Jeff Thibodeau [MS]" wrote:

> Hi Darrell,
>
> From the Exchange server use telnet and open a connection to itself on port
> 25. Type EHLO and view the list of verbs. Makes sure Exchange is
> advertising the Auth verb.

I am a sysadmin at an ISP, and this is a very common problem for us and we'd
*really* like to know how to fix it; as you can see, we *are* advertising
AUTH, and outlook *is* configured for "outgoing server requires
authentication":

13 10 0.2334 (0.2031) S>C application_data
---------------------------------------------------------------
220 vmail01.peak.org ESMTP Postfix
---------------------------------------------------------------
13 11 0.2343 (0.0009) C>S application_data
---------------------------------------------------------------
EHLO xp
---------------------------------------------------------------
13 12 0.2348 (0.0005) S>C application_data
---------------------------------------------------------------
250-vmail01.peak.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
---------------------------------------------------------------
13 13 0.2372 (0.0023) C>S application_data
---------------------------------------------------------------
MAIL FROM: <van...@dswebnet.com>
---------------------------------------------------------------
13 14 0.2381 (0.0008) S>C application_data
---------------------------------------------------------------
250 2.1.0 Ok
---------------------------------------------------------------
13 15 0.2389 (0.0008) C>S application_data
---------------------------------------------------------------
RCPT TO: <van...@peak.org>
---------------------------------------------------------------
13 16 0.2396 (0.0007) S>C application_data
---------------------------------------------------------------
554 5.7.1 <cvo-sr1-off.peak.org[69.59.192.10]>: Client host rejected:
Access denied
---------------------------------------------------------------

abatie

unread,
Dec 5, 2007, 7:08:05 PM12/5/07
to

> 250-AUTH PLAIN

After some experimentation, I determined that outlook requires the LOGIN
auth mechanism; with PLAIN, it just silently doesn't authenticate, even when
told the server requires it.

0 new messages