Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » SMTPS relay problem (Connection to relay SMTP server via SSL (port 465) fails)
  •  
zero

Messages: 6
Karma: 0
Send a private message to this user
We are running KMS 6.7.3. on a Debian 5.0.3 server. Most things work fine but we ran into problems with message sending. We are using the SMTP relay server of our provider that runs on port 465. If we try to send mails to it, we get a "4.4.2. No greeting from server".

This is what debug.log says about it

[12:22:27] {conn} Connecting to XXX.XXX.XXX.XXX:465 ...
[12:22:27] {smtpc} Connected to relay server mail.XXX.com
[12:22:54] {smtpc} SMTP connection closed while reading SMTP reply
[12:22:54] {smtpc} No greeting from server mail.XXX.com

There is no SSL transaction data in debug.log for that connection (Other than for polling mail with POP3S).

I checked wether it may be an SSL problem by manually firing up an SSL connection with:

openssl s_client -crlf -connect mail.XXX.com:465

This works and I get a

220 mail.XXX.com ESMTP

from the server

So looks as if the connection with KMS fails even before negotiating the SSL connect. If I use the same connection data with let's say Apple mail on a client computer everingthing works fine.

The providers server does not support TLS via port 25, so this is no alternative.

Any idea anybody?

[Updated on: Tue, 15 December 2009 12:56]

  •  
marook

Messages: 520

Karma: 3
Send a private message to this user
And why do you need SSL for a simple relay?
Does it work without SSL on port 25, or maybe 587??

Regards,

Jakob Peterhänsel
Consultant - Humac A/S

Apple Certified Support Professional (ACSP)
Apple Certified Technical Coordinator (ACTC)
AppleSeed/CQF member since 1998
Kerio Messaging Partner
  •  
zero

Messages: 6
Karma: 0
Send a private message to this user
marook wrote on Tue, 15 December 2009 20:53
And why do you need SSL for a simple relay?
Does it work without SSL on port 25, or maybe 587??


No, our external mail provider is security aware. It only accepts SSL encrypted e-mail transport from and to its customers.
  •  
marook

Messages: 520

Karma: 3
Send a private message to this user
Well, I haven't been using SSL with a relay SMTP connection, but it works fine here with normal direct SMTP - when the remote server has SSL enabled.
There is also no SSL settings on the Relay settings, but as it should act 'as a client' here, it should be able to use SSL.
Have you opened a ticket with support.kerio.com?

Regards,

Jakob Peterhänsel
Consultant - Humac A/S

Apple Certified Support Professional (ACSP)
Apple Certified Technical Coordinator (ACTC)
AppleSeed/CQF member since 1998
Kerio Messaging Partner
  •  
zero

Messages: 6
Karma: 0
Send a private message to this user
marook wrote on Wed, 16 December 2009 12:01
Well, I haven't been using SSL with a relay SMTP connection, but it works fine here with normal direct SMTP - when the remote server has SSL enabled.
There is also no SSL settings on the Relay settings, but as it should act 'as a client' here, it should be able to use SSL.
Have you opened a ticket with support.kerio.com?


The relay server does not support STARTTLS, therefor the normal direct SMTP on port 25/587 is no option for us. I thought the SSL setting in the SMTP settings tab was for outbound SMTPS as well. Guess I missed the small word "client" in the section.

Anyhow we solved the problem by setting up a tunnel to the relay host and filling this into the Kerios SMTP settings. Runs very smoothly. If anybody out there as well likes to SMTPS a relay host, just PM me for the HowTo.
Previous Topic: Meeting invitations very slow
Next Topic: Images lost when forwarding HTML Messages
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Sep 25 02:58:42 CEST 2017

Total time taken to generate the page: 0.00460 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.