Announcement

Collapse
No announcement yet.

qmail -> Exchange

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • qmail -> Exchange

    I believe I mis-posted this as a reply to another thread in the outlook forum.

    I've got Exchange 2003 on SBS 2003. However, I'm having some problems. I was able to send mail internally through any account on our qmail server to some test mailboxes I had set up in exchange. I just created several users (test1, test2 etc) in AD, mail enabled them and set up my outlook to check those mailboxes as well as my main one. All seemed to be running fine except... OWA wasn't working. Some tweaking in IIS fixed that. Now I can log into OWA and I must admit, from the perspective of someone who's used pretty much every iteration of the outlook web client this is pretty slick.

    But now I can't send mail anymore. If I log in to OWA and attempt to send to my main email address (on the qmail server), it just gets delayed until the server reaches it's timeout and then it's deemed undeliverable.

    When I try to send through Outlook from my main address to any of the test addresses, qmail gives me:

    > Connected to 192.168.0.65 but sender was rejected.
    > Remote host said: 530 5.7.0 Must issue a STARTTLS command first

    the exchange server seems to be rejecting it b/c qmail doesn't issue starttls. so turned off tls everywhere I thought I could but I'm still getting the failure notices. OWA still works so I know I haven't broken any necessary SSL settings. But I'm assuming something in the SSL dept. is misconfigured if I'm getting these errors.

    I'd like to get my functionality back so I can continue my testing. Sorry for the cross-post but it's been several days w/o a reply and I realized it was in the wrong forum before anyway.

    Proven e-Commerce Solutions
    340 N. 12th St.
    Suite 200
    Philadelphia PA 19107

  • #2
    Where did you disable the TLS? On the SMTP Virtual Server? Do you have an SMTP Connector? Do you have more than one SMTP Virtual Server? What do the SMTP logfiles show?
    Cheers,

    Daniel Petri
    Microsoft Most Valuable Professional - Active Directory Directory Services
    MCSA/E, MCTS, MCITP, MCT

    Comment


    • #3
      Where did you disable the TLS? On the SMTP Virtual Server?
      Yes, also in the IMAP Virtual server.
      Do you have an SMTP Connector?
      Under First Routing Group > Connectors > Internet Mail SMTP Connector on the General tab: "Forward all mail through this connector to the following smart hosts:" and then the IP address of the qmail server.

      Do you have more than one SMTP Virtual Server?
      No.

      What do the SMTP logfiles show?
      not very much I'm afraid:

      21:19:04 192.168.0.233 HELO - 250
      21:19:04 192.168.0.233 MAIL - 530
      21:19:04 192.168.0.233 QUIT - 240
      21:21:02 192.168.0.110 HELO - 250
      21:21:02 192.168.0.110 MAIL - 530
      21:21:02 192.168.0.110 QUIT - 240
      21:21:06 192.168.0.110 HELO - 250
      21:21:06 192.168.0.110 MAIL - 530
      21:21:06 192.168.0.110 QUIT - 240
      21:23:21 192.168.0.110 EHLO - 250
      21:23:21 192.168.0.110 STARTTLS - 220
      21:23:21 192.168.0.110 STARTTLS - 220
      21:23:21 192.168.0.110 HELO - 250
      21:23:21 192.168.0.110 MAIL - 250
      21:23:21 192.168.0.110 RCPT - 250
      21:23:23 192.168.0.110 DATA - 250
      21:23:23 192.168.0.110 MAIL - 250
      21:23:23 192.168.0.110 RCPT - 250
      21:23:23 192.168.0.110 DATA - 250
      21:23:23 192.168.0.110 QUIT - 240
      21:23:50 192.168.0.110 EHLO - 250
      21:23:50 192.168.0.110 STARTTLS - 220
      21:23:50 192.168.0.110 STARTTLS - 220
      21:23:50 192.168.0.110 HELO - 250
      21:23:50 192.168.0.110 MAIL - 250
      21:23:50 192.168.0.110 RCPT - 250
      21:23:50 192.168.0.110 DATA - 250
      21:23:50 192.168.0.110 QUIT - 240

      that's a chunk from today. I can get it working again (that's why you see actual mail being sent here) by enabling "the server requires a secure connection" on the client side in outlook. But I can't get it to work w/ the SSL/TLS settings enabled on the virtual SMTP or IMAP servers. What more should I turn on to get a little more verbosity w/o going overboard? Obviously I don't need to log everything but it looks like I'm not logging enough.

      I logged into OWA today and now the compose message window has a little quirk. The body of a new message loads as what looks like the icon for a broken image. Can't type a message body at all. The up side is that I can at least continue testing with client software. But how to get OWA back to it's normal behavior?

      Proven e-Commerce Solutions
      340 N. 12th St.
      Suite 200
      Philadelphia PA 19107

      Comment


      • #4
        Ok, do you happen to have Forms Based Authentication?

        Did you do funny stuff to your IIS?

        Did you try re-installing SMTP? There is a tool for that, and if you can't find it I'll dig in my links.
        Cheers,

        Daniel Petri
        Microsoft Most Valuable Professional - Active Directory Directory Services
        MCSA/E, MCTS, MCITP, MCT

        Comment


        • #5
          Ok, do you happen to have Forms Based Authentication?
          Yes, this is required for OWA as far as I understand. W/o it OWA won't work at all, let alone work w/ missing pieces.

          Did you do funny stuff to your IIS?
          not that I recall. The last change that really seemed to gum up the works was enabling all the TLS settings in ESM. I've been distracted by other minor issues and tasks (new web servers, user issues) and my focus on Exchange is just coming back. Maybe I made some other change right before all the distractions started and just don't remember.

          Did you try re-installing SMTP? There is a tool for that, and if you can't find it I'll dig in my links.
          Do the instructions in KB 840469 apply here? Or were you thinking of something else?

          Proven e-Commerce Solutions
          340 N. 12th St.
          Suite 200
          Philadelphia PA 19107

          Comment


          • #6
            qmail gateway to exchange server

            I am still having some issues that need to be ironed out in Exchange. Daniel, or anyone else for that matter, if you have suggestions to the problems above I'd be glad to hear them.

            Buuuuut... in the interest of helping others along this same process I thought I'd post a useful link.

            The good folks over at qmailrocks.org have a forum post regarding the exact configuration I'm trying to achieve; qmail as a gateway doing virus and spam checking with Exchange on the internal network to actually handle mail. Brilliant. You can click here for the forum post but in the interest of redundancy (and helping those who might be googling this stuff) i'll repost the gist of it below. I have not tried this yet since we're not quite ready to switch so I can't be totally sure if it actually works. Good luck and thanks for all the help folks.

            1.) Determine a qmail server to serve as a gateway.

            2.) Make sure the dns mx points to this gateway server for the domain in question.

            3.) On the gateway server, in /var/qmail/control create a file called smtproutes. Populate it like this.

            domain.com:mail.somewhereelse.com

            (where domain.com is the domain name and mail.somewhereelse.com is the name of the mailserver where the message will be forwarded on to.

            4.) also on this gateway server, enter the domain like normal in the rcpthosts file only.

            5.) setup the domain and user account on the other remote server like normal. This can be an exchange, qmail, whatever server you want.

            6.) I'm not sure on this, but I think relay may need to be opened on the second server to allow the first server (gateway server) to forward. I couldn't tell because both of my servers were on the same network and we allow relay from the lan.

            Proven e-Commerce Solutions
            340 N. 12th St.
            Suite 200
            Philadelphia PA 19107

            Comment


            • #7
              Well I hate to post such a quick follow up but I've figured at least one thing out. The problem I'm having with OWA is limited to the "Premium" client. It doesn't happen when I select the basic layout. Strange.

              Proven e-Commerce Solutions
              340 N. 12th St.
              Suite 200
              Philadelphia PA 19107

              Comment

              Working...
              X