Re: [Exim] Outlook AUTH + TLS on a non-standard port

Top Page
Delete this message
Reply to this message
Author: Father Peter Darin
Date:  
To: exim-users
Subject: Re: [Exim] Outlook AUTH + TLS on a non-standard port
This is a multi-part message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
Hello, I don't have experience on SSL but I have extensively dealt with AOL and other ISP's hijacking port 25. My experience has been that all port below 1024 are hijack at point or another with the exclusion of 110.

I got around this by using a port above 30,000. Please let me know if this helps.
----- Original Message -----
From: Rick Ennis
To: exim-users@???
Sent: Wednesday, June 05, 2002 11:35 PM
Subject: Re: [Exim] Outlook AUTH + TLS on a non-standard port



Aha! Excellent! My first thought on seeing your message was "thank god
someone else has seen this." And now after perusing it and trying to
implement everything, it works beautifully! Thank you for explaining
all that. Searching the Exim docs (and list) I can't figure out how to
configure the SMTPS part. So I just went with stunnel like you
suggested. Works like a charm. Thanks again! Finally I can stop
pounding my head against this one!

Rick


James P. Roberts wrote:
> Rick:
>
> This was just one of the many things that broke the camel in my frontal
> lobe.
>
> Outlook with SSL checkbox enabled will respond correctly to STARTTLS
> when it is sending to port 25. On any other port, as far as I know, it
> will instead expect STMPS protocol. So, what I do is, I run Stunnel on
> port 465, with the "-n smtp" flag set, and redirect to my port 25.
> Stunnel handles the encryption stuff and forwards everything
> (unencrypted) to Exim on port 25. The SMTP AUTH then occurs over the
> encrypted Stunnel channel. This happens with Outlook Express, also.
>
> If you do this, make sure you require SMTP AUTH from the local machine,
> also, since Stunnel makes it look to Exim like the connection is local
> (if Stunnel is running on the local machine).
>
> They tell me that Exim 4.04 handles SMTPS protocol, but unfortunately,
> you have to use it on all ports, or no ports. So, since I'd already
> found the Stunnel solution, I stuck with it, instead of creating a
> second instance of Exim listening on port 465 with SMTPS stuff enabled.
>
> In my case, it was a customer trying to send email while logged in via
> AOL, which hijacks all connections to any port 25 (from their
> customers), to their own email servers' port 25. arrrrrrgh.
>
> Jim Roberts
> Punster Productions, Inc.
> www.punsterproductions.com
>
> ----- Original Message -----
> From: "Rick Ennis" <rge@???>
> To: "exim-users" <exim-users@???>
> Sent: Wednesday, June 05, 2002 1:50 AM
> Subject: [Exim] Outlook AUTH + TLS on a non-standard port
>
>
> This may be too obscure for a sane person's interest. But by now I'm
> not
> only frustrated but really curious as to why this doesn't work.
>
> I have Exim 4.02 happily servicing Outlook 2000's "outbound messages"
> using
> both SMTP AUTH and TLS on port 25. Motivated by a friend whose ISP
> appears
> to be blocking port 25, I tried running the same Exim config on port 23
> (we
> don't use telnet anyway). Then I changed the value for Outlook's
> outgoing
> mail server port. Simple enough, right? Now I suddenly get connection
> failure errors in Outlook when I try to send out mail. Nothing ever
> hits
> my linux box (or exim's logs). Outlook just prints its generic
> "Account:
> foo, Server: outbound, Port: 23, SSL: Yes" message but with no specific
> error. Well, I think it may say something like "Socket Error: 110110"
> (I
> just made that number up).
>
> Interestingly enough, Outlook --> Exim works on port 23 if I disable
> outbound SSL/TLS. Could Outlook have something hard-coded to port 25
> for
> SSL even though they give you the option to change it? Does anyone have
> experience with this? I've tried running Exim on 25 and port forwarding
> something else to it. But the problem consistently appears to be on the
> desktop side.


--
Rick Ennis
ennis@???
mobile: 617-899-0744

--



--- [ Tanaya/Exim/Antiviral ] ---
This message has been scanned with INOCULATE, H+BEDV AntiVir, and F-PROT
antivirus software and has been determined to be VIRUS FREE.