1748227 Members
4275 Online
108759 Solutions
New Discussion

starttls issue for gmail

 
zxcv
Super Advisor

starttls issue for gmail

Hi guys ,

am trying to configure smtp.gmail.com to enable to send mails to our corporate google apps mail id.

am getting the following error ;

 

 

050 530 5.7.0 Must issue a STARTTLS command first.

 

Please suggest what to do ?

hpux 11i v2

 

root #/ >sendmail -v tejas.chaudhari@xxx.in.
test from 29
tejas.chaudhari@xxx.in.... Connecting to [127.0.0.1] via relay...
220 xxx-dr.xxx.in ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 1.007 - 3 February 2010/8.13.3; Sat, 28 Apr 2012 10:53:01 +0530 (IST)
>>> EHLO xxx-dr.xxx.in
250-xxx-dr.xxx.in Hello smmsp@localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<tejas@xxx-dr.xxx.in> SIZE=13
250 2.1.0 <tejas@xxx-dr.xxx.in>... Sender ok
>>> RCPT To:<tejas.chaudhari@xxx.in>
>>> DATA
250 2.1.5 <tejas.chaudhari@xxx.in>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
050 <tejas.chaudhari@xxx.in>... Connecting to smtp.gmail.com via relay...
050 220 mx.google.com ESMTP qd3sm835490pbb.13
050 >>> EHLO xxx-dr.xxx.in
050 250-mx.google.com at your service, [180.179.66.213]
050 250-SIZE 35882577
050 250-8BITMIME
050 250-STARTTLS
050 250 ENHANCEDSTATUSCODES
050 >>> MAIL From:<tejas@xxx-dr.xxxdns.in> SIZE=387
050 530 5.7.0 Must issue a STARTTLS command first. qd3sm835490pbb.13
050 <tejas@xxx-dr.xxx.in>... Connecting to local...
050 <tejas@xxx-dr.xxx.in>... Sent
250 2.0.0 q3S5N1bX022612 Message accepted for delivery
tejas.chaudhari@xxx.in.... Sent (q3S5N1bX022612 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 xxx-dr.xxx.in closing connection

 

=================================================

root #/etc/mail >grep "DS" sendmail.cf
# Relay all non-local mail to the "Smart" relay host (DS) via smtp: #
# to a smart relay via SMTP just set macro S (DS) to the name of the #
# Relay all non-local mail to the "Smart" relay host (DS) via UUCP: #
# make two chnages to this file. First, set macro S (DS) to the name #
DSsmtp.gmail.com
# noreceipts Don't return success DSN's
# Return-Receipt-To: header implies DSN request
# DHParameters (only required if DSA/DH is used)

 

12 REPLIES 12
Dennis Handly
Acclaimed Contributor

Re: starttls issue for gmail

Perhaps it was sent anyway?

250 2.0.0 q3S5N1bX022612 Message accepted for delivery

zxcv
Super Advisor

Re: starttls issue for gmail

Hi Dennis ,
But i didnt get in my mailbox
Steven Schweda
Honored Contributor

Re: starttls issue for gmail

 
zxcv
Super Advisor

Re: starttls issue for gmail

Hi Steven ,

 

Afetr heavy follow up on google i managed a ppt attached herewith.

Even afetr following the same am still not able to send mails to outside world i.e our corporate googleapps accnt zxcv@test.in

 

m gettng following error ;

 

root #/etc/mail >echo "Subject: test starttls"| sendmail -v -oL99 zxcv@test.in.
zxcv@test.in.... Connecting to smtp.gmail.com via relay...
220 mx.google.com ESMTP nv2sm7446510pbb.6
>>> EHLO cedge-dr.cedge.in
250-mx.google.com at your service, [180.179.66.213]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250 ENHANCEDSTATUSCODES
>>> MAIL From:<ted@cedge-dr.cedge.in> SIZE=23
530 5.7.0 Must issue a STARTTLS command first. nv2sm7446510pbb.6
tejas... Connecting to [127.0.0.1] via relay...
220 cedge-dr.cedge.in ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 1.007 - 3 February 2010/8.13.3; Fri, 4 May 2012 10:09:13 +0530 (IST)
>>> EHLO cedge-dr.cedge.in
250-cedge-dr.cedge.in Hello smmsp@localhost [127.0.0.1], pleased to meet you
250 ENHANCEDSTATUSCODES
>>> MAIL From:<>
451 4.3.0 Temporary system failure. Please try again later.
tejas... Deferred: 451 4.3.0 Temporary system failure. Please try again later.
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 cedge-dr.cedge.in closing connection
Closing connection to smtp.gmail.com
>>> QUIT
221 2.0.0 closing connection nv2sm7446510pbb.6

 

Why is it relaying through local host and not through smart relay..?

 

root #/etc/mail >grep "DS" sendmail.cf
# Relay all non-local mail to the "Smart" relay host (DS) via smtp:            #
#      to a smart relay via SMTP just set macro S (DS) to the name of the      #
# Relay all non-local mail to the "Smart" relay host (DS) via UUCP:            #
#      make two chnages to this file. First, set macro S (DS) to the name      #
DSsmtp.gmail.com
# noreceipts    Don't return success DSN's
# Return-Receipt-To: header implies DSN request
# DHParameters (only required if DSA/DH is used)

 

root #/etc/mail >grep "cert" sendmail.cf
# o CERT_DIR : The directory for storing sendmail certificates.                  #
# o confCACERT_PATH : The path that stores the certificates of all the           #
# o confCACERT : The file containing the certificate of the Certificate          #
#       Authority that issued this sendmail server's certificate.                #
#       certificate, the server's certificate used when acting as a              #
#       sendmail server's certificates.                                          #
O CACertPath=/etc/mail/certs
O CACertFile=/etc/mail/certs/CA/cacert.pem
O ServerCertFile=/etc/mail/certs/cert.pem
O ServerKeyFile=/etc/mail/certs/key.pem
O ClientCertFile=/etc/mail/certs/cert.pem
O ClientKeyFile=/etc/mail/certs/key.pem
# File containing certificate revocation lists
R<CS:$&{cert_subject}> $* $| <$+>       $@ $>"TLS_req" $1 $| <$2>
R<CS:$+> $* $| <$-:$+>  $#error $@ $4 $: $3 " Cert Subject " $&{cert_subject} " does not match " $1
R<CI:$&{cert_issuer}> $* $| <$+>        $@ $>"TLS_req" $1 $| <$2>
R<CI:$+> $* $| <$-:$+>  $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1
R$*                     $: $&{cert_issuer}
RSUBJECT                $: <@> $&{cert_subject}


zxcv
Super Advisor

Re: starttls issue for gmail

Hi ,

 

I have been trying for a while ,

 

root #/etc/mail >sendmail -v tejas.chaudhari@cedge.in.
test
tejas.chaudhari@cedge.in.... Connecting to [127.0.0.1] via relay...
220 cedge22.cedge.in ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 1.007 - 3 February 2010/8.13.3; Mon, 7 May 2012 19:29:11 +0530 (IST)
>>> EHLO cedge22.cedge.in
250-cedge22.cedge.in Hello smmsp@localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<tejas@cedge22.cedge.in> SIZE=5
250 2.1.0 <tejas@cedge22.cedge.in>... Sender ok
>>> RCPT To:<tejas.chaudhari@cedge.in>
>>> DATA
250 2.1.5 <tejas.chaudhari@cedge.in>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
050 <tejas.chaudhari@cedge.in>... Connecting to smtp.gmail.com via relay...
050 220 mx.google.com ESMTP py6sm18287465pbc.13
050 >>> EHLO cedge22.cedge.in
050 250-mx.google.com at your service, [180.179.66.213]
050 250-SIZE 35882577
050 250-8BITMIME
050 250-STARTTLS
050 250 ENHANCEDSTATUSCODES
050 >>> STARTTLS
050 220 2.0.0 Ready to start TLS
050 >>> EHLO cedge22.cedge.in
050 250-mx.google.com at your service, [180.179.66.213]
050 250-SIZE 35882577
050 250-8BITMIME
050 250-AUTH LOGIN PLAIN XOAUTH
050 250 ENHANCEDSTATUSCODES
050 >>> MAIL From:<tejas@cedge22.cedge.in> SIZE=369
050 530-5.5.1 Authentication Required. Learn more at
050 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 py6sm18287465pbc.13
050 <tejas@cedge22.cedge.in>... Connecting to local...
050 <tejas@cedge22.cedge.in>... Sent
250 2.0.0 q47DxBgF025388 Message accepted for delivery
tejas.chaudhari@cedge.in.... Sent (q47DxBgF025388 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 cedge22.cedge.in closing connection

 

thanks in advance

Matti_Kurkela
Honored Contributor

Re: starttls issue for gmail

Apparently the Google SMTP server has two requirements:

1.) You must use TLS encryption. According to the log of your latest attempt, you've managed to solve this. Good.

 

2.) You must present an username and password to the Google server before it allows you to send mail through it. This is why your latest attempt is failing.

 

Google is actually trying to help you:

050 530-5.5.1 Authentication Required. Learn more at
050 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257

 Unfortunately, the advice is written mainly for desktop users, and is not too useful for configuring Sendmail.

 

The standard documentation for Sendmail is the O'Reilly book Sendmail. For version 8.13.3, you'll want the 4th edition of the book (or if a newer edition exists, that might be even better). I really recommend this book for anyone who needs to really understand Sendmail.

 

(It's a very big book, but don't worry - more than half of the book is configuration item reference: use the first chapters and the Table of Contents to find the configuration items you need and ignore the rest.)

 

Chapter 5.1.5 of Sendmail, 4th edition is about SMTP AUTH, which is the authentication mechanism Google wants you to use. It says the username and password should be stored in either /etc/mail/access or /etc/mail/authinfo depending on the options chosen when building the Sendmail configuration file (= whether FEATURE(`authinfo') was included in the .mc that controls the building of the configuration file or not).

 

The necessary configuration line would be like:

AuthInfo:smtp.gmail.com "U:GoogleUser" "P:GooglePassword"

 Of course, you must replace "GoogleUser" and "GooglePassword" with the actual username & password you use to access Google with.

 

 

Both /etc/mail/access and /etc/mail/authinfo are source files for creating the actual access database or authinfo database: just editing the files (or creating them if they don't already exist) is probably not enough. You must also create the actual database file using the makemap command.

 

To create/update the access.db file, you should do this:

cd /etc/mail
makemap hash access.db < access

 Likewise, to create the authinfo.db file (if configured), you should do this:

cd /etc/mail
makemap hash authinfo.db < authinfo

 

You should first try putting the AuthInfo line to /etc/mail/access (create it if it does not already exist) and creating the access.db file; then restart Sendmail and try to send some messages.

 

If it does not work, remove the AuthInfo line from /etc/mail/access and put it into /etc/mail/authinfo, then create the authinfo.db file and try again.

 

Your previous test messages are probably stored into the local email queue directory on your server (/var/spool/mqueue): run mailq to display the mail queue in a more readable form. Once you get the authentication to work, all the queued test messages may be sent to smtp.google.com... so you might want to clear the /var/spool/mqueue directory first, to avoid flooding your mailbox.

MK
zxcv
Super Advisor

Re: starttls issue for gmail

Hi Matti ,

 

After much R&D we have found that we can use aspmx.l.google.com in DS to send mails to our corporate google apps id.

But now we are facing one problem we have one application which has a config file asking for pop3 server details , when we put pop.gamil.com and we sent a mail to this id , in log we are getting pop.gamil.com timeout error.

 

Kindly guide us.

zxcv
Super Advisor

Re: starttls issue for gmail

Hi Matti ,
My requirement is that i have a box which has a perl script which receives/accepts a mail and in turn processes the application.

It requires following inputs,
<POP3SVRIP>gmail-pop.l.google.com</POP3SVRIP>
<POP3SVRPORT>995</POP3SVRPORT>
<SMTPSVRIP>smtp.gmail.com</SMTPSVRIP>
<SMTPSVRPORT>587</SMTPSVRPORT>
<SMTPAUTH>SMTPAUTHNONE</SMTPAUTH>

Are my entries correct ?
there is no pop3 entry in my /etc/inetd.conf file
before this we were using this application with no issues.
Since we have shifted to google apps am having torrid time.
zxcv
Super Advisor

Re: starttls issue for gmail

Hi Matti ,

 

I have a user id say xyz@cedge.in

if any1 sends a test mail to this id i must be able to download the same on a hp box ..which will be captured by my perl script running on that box.