Re: [Evolution] Camel problem: HELO command failed

From: Thomas Spuhler <ThomasSpuhler tusonix com>
To: evolution lists ximian com
Subject: Re: [Evolution] Camel problem: HELO command failed
Date: Thu, 28 Oct 2004 13:44:37 -0700

On Thu, 2004-10-28 at 12:49, Eric Lambart wrote:

Hello,
I've moved across the US and am trying to set up a new mail server here
locally, before migrating me and my users' data from the old system.
I'm running netqmail 1.05 on Debian with SMTP AUTH and TLS patches,
among others, and have no trouble connecting to my new server using
telnet:

$ telnet 66.93.17.126 25
Trying 66.93.17.126...
Connected to 66.93.17.126.
Escape character is '^]'.
220 ldap.nomeaning.net ESMTP
EHLO 192.168.0.33

250-STARTTLS
250-ldap.nomeaning.net
250-PIPELINING
250-8BITMIME
250-SIZE 0
250 AUTH LOGIN PLAIN CRAM-MD5
STARTTLS
220 ready for tls

Looks good so far. Well, Evolution won't talk to the server. The first
thing I've tried to do is set up a new account for this server (SMTP
only, for now), and set "Server requires authentication" ON. When I
then click "Check for Supported Types", the UI gives me no feedback
other than disabling the "Check..." button.

So I shut down Evolution, and did this from the shell:
$ export CAMEL_DEBUG=all
$ evolution

When I try to check for supported auth types again, I get this debug
output:
sending : EHLO 192.168.0.33
received:
CamelException.setv(0xa7c59b8, 2, 'HELO command failed: Unknown')
sending : HELO 192.168.0.33
received: 250-STARTTLS
received: 250-ldap.nomeaning.net
received: 250-PIPELINING
received: 250-8BITMIME
received: 250-SIZE 0
received: 250 AUTH LOGIN PLAIN CRAM-MD5

(evolution:5808): GLib-CRITICAL **: file ghash.c: line 225 (g_hash_table_lookup): assertion `hash_table !=
NULL' failed
{ GLib error repeated 7 times... }
sending : QUIT
received: 250 ldap.nomeaning.net
CamelException.setv((nil), 2, 'QUIT command failed: Requested mail action okay,
completed')

Since *I* know what kinds of authentication are supported, I tried
setting Evo to use Login authentication. I've tried various settings
for "Use secure connection (SSL)" (it's not clear if this has anything
to do with TLS or if it means SMTP over SSL on port 443 or whatever...)

When I try to send a message from Evo using that server, I also get the
'HELO command failed', but Evo *does* seem to understand that my server
is refusing the unauthenticated sender, because I get a "DATA command
failed: Requested action not taken: mailbox name not allowed." and a 553
error in my Camel log. But in this case Camel is still reporting "HELO
command failed: Unknown" in the log.

I had a similar problem, but my worked great fom within the FW but it
took for ever to get a reply from outside. I then opened some ports and
it now works:
nmap of your address show:
PORT     STATE  SERVICE
22/tcp   open   ssh
25/tcp   open   smtp
53/tcp   open   domain
80/tcp   open   http
111/tcp  closed rpcbind
137/tcp  closed netbios-ns
138/tcp  closed netbios-dgm
139/tcp  closed netbios-ssn
161/tcp  closed snmp
389/tcp  open   ldap
443/tcp  open   https
445/tcp  closed microsoft-ds
636/tcp  closed ldapssl
993/tcp  open   imaps
1080/tcp closed socks
2000/tcp closed callbook
2049/tcp closed nfs
6000/tcp closed X11
6001/tcp closed X11:1
6002/tcp closed X11:2
6003/tcp closed X11:3
6004/tcp closed X11:4
6005/tcp closed X11:5
6006/tcp closed X11:6
6007/tcp closed X11:7
6008/tcp closed X11:8
6009/tcp closed X11:9
6050/tcp closed arcserve



nmap of my server gives:

PORT     STATE  SERVICE
21/tcp   open   ftp
22/tcp   open   ssh
25/tcp   open   smtp
53/tcp   open   domain
80/tcp   open   http
111/tcp  closed rpcbind
113/tcp  closed auth
137/tcp  closed netbios-ns
138/tcp  closed netbios-dgm
139/tcp  closed netbios-ssn
161/tcp  closed snmp
443/tcp  open   https
445/tcp  closed microsoft-ds
465/tcp  closed smtps
636/tcp  open   ldapssl
993/tcp  open   imaps
995/tcp  open   pop3s
1080/tcp closed socks
2000/tcp closed callbook
2049/tcp closed nfs
6000/tcp closed X11
6001/tcp closed X11:1
6002/tcp closed X11:2
6003/tcp closed X11:3

I noticed that your ldapssl is closed. I think I was helped by adding
port 465 even if it shows as closed?


Searching the archives for "HELO command failed" only brought up a
thread from August '02 that seems unrelated.

Questions:
1) does the fact that Evo appears to be recognizing the 553 (host not
allowed) message indicate that the "HELO[EHLO, really] command failed"
is not a problem?  Considering that Evo is subsequently sending an HELO
after the EHLO fails, it seems this could cause problems with ESMTP.

2) is the situation with "Check for supported types" likely to imply
that I've still got problems with my SMTP AUTH setup?  The lack of any
helpful feedback from the UI leaves me wondering where the problem is.

3) somewhat tangential topic--to use STARTTLS (and eventually, IMAP with
SSL), what certificate do I need to import, and where?  I tried
importing the .pem file that my server is using (as an "Authority"), but
I'm not clear if I need to create a separate one for the client as well.

Thanks,
Eric

P.S. Sometimes the 'HELO command failed:' is followed by something like
"Operation now in progress" rather than "Unknown"


_______________________________________________
evolution maillist  -  evolution lists ximian com
http://lists.ximian.com/mailman/listinfo/evolution

Tom

Attachment: signature.asc
Description: This is a digitally signed message part

Follow-Ups:
- Re: [Evolution] Camel problem: HELO command failed
  - From: Eric Lambart

References:
- [Evolution] Camel problem: HELO command failed
  - From: Eric Lambart

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]