[Evolution] Camel problem: HELO command failed

Thomas Spuhler ThomasSpuhler@tusonix.com
Thu, 28 Oct 2004 13:44:37 -0700 

--=-/6aS35+CLM/DmzH3vo2E
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu, 2004-10-28 at 12:49, Eric Lambart wrote:
> Hello,
> I've moved across the US and am trying to set up a new mail server here
> locally, before migrating me and my users' data from the old system.
> I'm running netqmail 1.05 on Debian with SMTP AUTH and TLS patches,
> among others, and have no trouble connecting to my new server using
> telnet:
>=20
> $ telnet 66.93.17.126 25
> Trying 66.93.17.126...
> Connected to 66.93.17.126.
> Escape character is '^]'.
> 220 ldap.nomeaning.net ESMTP
> EHLO 192.168.0.33
> =20
> 250-STARTTLS
> 250-ldap.nomeaning.net
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 0
> 250 AUTH LOGIN PLAIN CRAM-MD5
> STARTTLS
> 220 ready for tls
>=20
> Looks good so far.  Well, Evolution won't talk to the server.  The first
> thing I've tried to do is set up a new account for this server (SMTP
> only, for now), and set "Server requires authentication" ON.  When I
> then click "Check for Supported Types", the UI gives me no feedback
> other than disabling the "Check..." button.
>=20
> So I shut down Evolution, and did this from the shell:
> $ export CAMEL_DEBUG=3Dall
> $ evolution
>=20
> When I try to check for supported auth types again, I get this debug
> output:
> sending : EHLO 192.168.0.33
> received:
> CamelException.setv(0xa7c59b8, 2, 'HELO command failed: Unknown')
> sending : HELO 192.168.0.33
> received: 250-STARTTLS
> received: 250-ldap.nomeaning.net
> received: 250-PIPELINING
> received: 250-8BITMIME
> received: 250-SIZE 0
> received: 250 AUTH LOGIN PLAIN CRAM-MD5
> =20
> (evolution:5808): GLib-CRITICAL **: file ghash.c: line 225 (g_hash_table_=
lookup): assertion `hash_table !=3D NULL' failed
>  { GLib error repeated 7 times... }
> sending : QUIT
> received: 250 ldap.nomeaning.net
> CamelException.setv((nil), 2, 'QUIT command failed: Requested mail action=
 okay,
> completed')
>=20
> Since *I* know what kinds of authentication are supported, I tried
> setting Evo to use Login authentication.  I've tried various settings
> for "Use secure connection (SSL)" (it's not clear if this has anything
> to do with TLS or if it means SMTP over SSL on port 443 or whatever...)
>=20
> When I try to send a message from Evo using that server, I also get the
> 'HELO command failed', but Evo *does* seem to understand that my server
> is refusing the unauthenticated sender, because I get a "DATA command
> failed: Requested action not taken: mailbox name not allowed." and a 553
> error in my Camel log.  But in this case Camel is still reporting "HELO
> command failed: Unknown" in the log.
I had a similar problem, but my worked great fom within the FW but it
took for ever to get a reply from outside. I then opened some ports and
it now works:
nmap of your address show:
PORT     STATE  SERVICE
22/tcp   open   ssh
25/tcp   open   smtp
53/tcp   open   domain
80/tcp   open   http
111/tcp  closed rpcbind
137/tcp  closed netbios-ns
138/tcp  closed netbios-dgm
139/tcp  closed netbios-ssn
161/tcp  closed snmp
389/tcp  open   ldap
443/tcp  open   https
445/tcp  closed microsoft-ds
636/tcp  closed ldapssl
993/tcp  open   imaps
1080/tcp closed socks
2000/tcp closed callbook
2049/tcp closed nfs
6000/tcp closed X11
6001/tcp closed X11:1
6002/tcp closed X11:2
6003/tcp closed X11:3
6004/tcp closed X11:4
6005/tcp closed X11:5
6006/tcp closed X11:6
6007/tcp closed X11:7
6008/tcp closed X11:8
6009/tcp closed X11:9
6050/tcp closed arcserve



nmap of my server gives:

PORT     STATE  SERVICE
21/tcp   open   ftp
22/tcp   open   ssh
25/tcp   open   smtp
53/tcp   open   domain
80/tcp   open   http
111/tcp  closed rpcbind
113/tcp  closed auth
137/tcp  closed netbios-ns
138/tcp  closed netbios-dgm
139/tcp  closed netbios-ssn
161/tcp  closed snmp
443/tcp  open   https
445/tcp  closed microsoft-ds
465/tcp  closed smtps
636/tcp  open   ldapssl
993/tcp  open   imaps
995/tcp  open   pop3s
1080/tcp closed socks
2000/tcp closed callbook
2049/tcp closed nfs
6000/tcp closed X11
6001/tcp closed X11:1
6002/tcp closed X11:2
6003/tcp closed X11:3

I noticed that your ldapssl is closed. I think I was helped by adding
port 465 even if it shows as closed?


>=20
> Searching the archives for "HELO command failed" only brought up a
> thread from August '02 that seems unrelated.
>=20
> Questions:
> 1) does the fact that Evo appears to be recognizing the 553 (host not
> allowed) message indicate that the "HELO[EHLO, really] command failed"
> is not a problem?  Considering that Evo is subsequently sending an HELO
> after the EHLO fails, it seems this could cause problems with ESMTP.
>=20
> 2) is the situation with "Check for supported types" likely to imply
> that I've still got problems with my SMTP AUTH setup?  The lack of any
> helpful feedback from the UI leaves me wondering where the problem is.
>=20
> 3) somewhat tangential topic--to use STARTTLS (and eventually, IMAP with
> SSL), what certificate do I need to import, and where?  I tried
> importing the .pem file that my server is using (as an "Authority"), but
> I'm not clear if I need to create a separate one for the client as well.
>=20
> Thanks,
> Eric
>=20
> P.S. Sometimes the 'HELO command failed:' is followed by something like
> "Operation now in progress" rather than "Unknown"
>=20
>=20
> _______________________________________________
> evolution maillist  -  evolution@lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/evolution

Tom

--=-/6aS35+CLM/DmzH3vo2E
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBBgVo1CxGhsefPZLARAlg1AJ4sIMn0AST5XaePpW/ZEVLi2H3SZQCcCM5C
0oUXtcGY5ETBFGOPrLnM3HY=
=awb5
-----END PGP SIGNATURE-----

--=-/6aS35+CLM/DmzH3vo2E--