HPE Community
Operating System - HP-UX
1752795 Members
6318 Online
108789 Solutions
New Discussion юеВ

Re: starttls issue for gmail

 
zxcv
Super Advisor

тАО05-08-2012 07:48 AM

тАО05-08-2012 07:48 AM

Re: starttls issue for gmail

Hi Matti ,

 

Tried ur auth options but still am getng the same error :(

 

root #/etc/mail >sendmail -v tejas.chaudhari@cedge.in.
test
tejas.chaudhari@cedge.in.... Connecting to [127.0.0.1] via relay...
220 vinayak.cedge.in ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 1.007 - 3 February 2010/8.13.3; Tue, 8 May 2012 20:18:45 +0530 (IST)
>>> EHLO vinayak.cedge.in
250-vinayak.cedge.in Hello smmsp@localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> STARTTLS
220 2.0.0 Ready to start TLS
>>> EHLO vinayak.cedge.in
250-vinayak.cedge.in Hello smmsp@localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<tejas@vinayak.cedge.in> SIZE=5
250 2.1.0 <tejas@vinayak.cedge.in>... Sender ok
>>> RCPT To:<tejas.chaudhari@cedge.in>
>>> DATA
250 2.1.5 <tejas.chaudhari@cedge.in>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
050 <tejas.chaudhari@cedge.in>... Connecting to smtp.gmail.com via relay...
050 220 mx.google.com ESMTP qq5sm2596271pbc.40
050 >>> EHLO vinayak.cedge.in
050 250-mx.google.com at your service, [203.124.23.222]
050 250-SIZE 35882577
050 250-8BITMIME
050 250-STARTTLS
050 250-ENHANCEDSTATUSCODES
050 250 PIPELINING
050 >>> STARTTLS
050 220 2.0.0 Ready to start TLS
050 >>> EHLO vinayak.cedge.in
050 250-mx.google.com at your service, [203.124.23.222]
050 250-SIZE 35882577
050 250-8BITMIME
050 250-AUTH LOGIN PLAIN XOAUTH
050 250-ENHANCEDSTATUSCODES
050 250 PIPELINING
050 >>> MAIL From:<tejas@vinayak.cedge.in> SIZE=356
050 530-5.5.1 Authentication Required. Learn more at
050 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 qq5sm2596271pbc.40
050 <tejas@vinayak.cedge.in>... Connecting to local...
050 <tejas@vinayak.cedge.in>... Sent
250 2.0.0 q48Emj00023354 Message accepted for delivery
tejas.chaudhari@cedge.in.... Sent (q48Emj00023354 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 vinayak.cedge.in closing connection

 

Am gettng the following in my mail.log

 

May  8 20:20:01 vinayak sm-mta[29777]: q48Eo1Xi029752: q48Eo1Xh029777: DSN: Insufficient permission
May  8 20:20:01 vinayak sm-mta[29777]: q48Eo1Xh029777: to=<root@vinayak.cedge.in>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=32044, dsn=2.0.0, stat=Sent

0 Kudos
Reply
Matti_Kurkela
Honored Contributor

тАО05-22-2012 12:34 AM

тАО05-22-2012 12:34 AM

Re: starttls issue for gmail 

<POP3SVRIP>gmail-pop.l.google.com</POP3SVRIP>
<POP3SVRPORT>995</POP3SVRPORT>
<SMTPSVRIP>smtp.gmail.com</SMTPSVRIP>
<SMTPSVRPORT>587</SMTPSVRPORT>
<SMTPAUTH>SMTPAUTHNONE</SMTPAUTH>

 That configuration input seems to suggest that the Perl script communicates with the POP3/SMTP servers directly, so Sendmail might not be involved at all. If you can make it connect the Google POP3 server directly, maybe you won't need a local POP3 server in your /etc/inetd.conf at all. It might still be useful to configure the local Sendmail to send messages through the Google servers, but if the script/application can process the mails directly, it might not be absolutely necessary.

 

Time-out errors often mean network communication problems. More specifically, it often (but not always) means there is a network firewall that has not been configured to accept the connection. If your network contains firewalls, contact your firewall administrator and continue troubleshooting with him/her.

 

Without knowing more about the Perl script, I cannot suggest very much about it. But since the Google server requires authentication, I strongly suspect that "SMTPAUTHNONE" (which seems to mean "no SMTP authentication") is not the right choice. You would need to find some documentation for the Perl script that would describe the correct syntax for specifying the username and password (or any other authentication details) required by Google.

 

Are you sure the Perl script includes support for SSL/TLS-encrypted POP3 and SMTP (also known as pop3s and smtps)? If Google requires you to use the encrypted versions for security, and the script only supports the non-encrypted protocols, the script will fail.

 

If the Perl script has no SSL support, the "stunnel" application might be a possible workaround. You might configure stunnel in client mode as an inetd-based service on your local host (using whatever port number is free). The script would then be configured to connect to the stunnel service instead of the real Google POP3 server: the stunnel application would receive the connection, and forward it with SSL encryption to the Google server. A similar configuration is probably possible for SMTP too (although you will need the "protocol=smtp" option to enable special processing for STARTTLS).

 

For HP-UX 11.23 and newer, Stunnel is available for free from HP as part of the Internet Express package:

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1123

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1131

 

Stunnel documentation and examples are available here:

http://www.stunnel.org/?page=docs

 

Sorry about the late answer...

MK
Reply
Advanced
New Member

тАО11-26-2013 09:07 AM

тАО11-26-2013 09:07 AM

Re: starttls issue for gmail

I worked around this same issue with SIM using stunnel, which allows using the same system as a gateway listening on port 25 for local requests and gmail's 465 for the responses from gmail.

Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.