1
strange authenticaion issue
Question asked by SpamHurts - August 12, 2015 at 12:59 PM
Unanswered
So I have a customer today, and he was getting error sending VIA mac mail, stating that he could not Send. I go through and set up the outgoing server. Still fail. Get back to the screen defining the outgoing and it was blank. Have him select it again, and more issues. He was set up with IMAP, so I decided, let's just delete and recreate. Now he had some kind of mac or .me account on the mac mail too, and he removed it. I had now a blank shell to deal with. Then I had him restart the program before the new setup. I cleared his connections in the SM admin just for GP. I recreated the account, and he continued to get errors. Though one of his messages did send. Here is what the SMTP logs told me.
 
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] rsp: 220 mailsrv.mymailserver.com
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] connected at 8/12/2015 10:52:15 AM
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] cmd: EHLO [mycustomersdeviceip 0.0.0.1]
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] rsp: 250-mailsrv.mymailserver.com Hello [8.8.8.1 (mycustomers IP address)]250-SIZE 31457280250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] cmd: AUTH CRAM-MD5
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] rsp: 334 PDEzMzQzNzU2NTMuNjM1NzQ5NzM1MzU3MDA5Njk5QG1haWxhMTUud2ViY29udHJvbGNlbnRlci5jb20+
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] Authenticating as myCUST@mycustomersdomain.com
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] rsp: 235 Authentication successful
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] Authenticated as myCUST@mycustomersdomain.com
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] cmd: MAIL FROM:<mail.mycustomersdomain.com>
[2015.08.12] 10:52:15 [8.8.8.1 (mycustomers IP address)][53290260] rsp: 250 OK <mail.mycustomersdomain.com> Sender ok
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][53290260] cmd: RCPT TO:<supertestingaccount@gmail.com>
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][53290260] rsp: 550 <supertestingaccount@gmail.com> No such user here
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][53290260] cmd: QUIT
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][53290260] rsp: 221 Service closing transmission channel
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][53290260] disconnected at 8/12/2015 10:52:16 AM
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 220 mailsrv.mymailserver.com
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] connected at 8/12/2015 10:52:16 AM
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] cmd: EHLO [mycustomersdeviceip 0.0.0.1]
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 250-mailsrv.mymailserver.com Hello [8.8.8.1 (mycustomers IP address)]250-SIZE 31457280250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] cmd: AUTH CRAM-MD5
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 334 PDY0NTkyNzc3MC42MzU3NDk3MzUzNjg4NjU5MjdAbWFpbGExNS53ZWJjb250cm9sY2VudGVyLmNvbT4=
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] Authenticating as myCUST@mycustomersdomain.com
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 235 Authentication successful
[2015.08.12] 10:52:16 [8.8.8.1 (mycustomers IP address)][4577467] Authenticated as myCUST@mycustomersdomain.com
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] cmd: MAIL FROM:<myCUST@mycustomersdomain.com>
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 250 OK <myCUST@mycustomersdomain.com> Sender ok
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] cmd: RCPT TO:<anotherrecipient@mac.com>
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 250 OK <anotherrecipient@mac.com> Recipient ok
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] cmd: DATA
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 250 OK
[2015.08.12] 10:52:17 [8.8.8.1 (mycustomers IP address)][4577467] Data transfer succeeded, writing mail to 47288109.eml
[2015.08.12] 10:52:49 [8.8.8.1 (mycustomers IP address)][4577467] rsp: 421 Command timeout, closing transmission channel
[2015.08.12] 10:52:49 [8.8.8.1 (mycustomers IP address)][4577467] disconnected at 8/12/2015 10:52:49 AM
 
As you can see from the logs, the from message in the first log, for the message that didn't deliver, the message is coming from mail.mycustomersdomain.com. That isn't going to work, that has to be a user.
 
In the second log, you will see that the from is now proper, myCUST@mycustomersdomain.com> not from his server.
 
Now here is the kicker. we didn't even use mail.mycustomersdomain.com in the configuration at all. As you may or may not know, apple products seem to love using SSL and we user the domain name that the SSL certificate is issued to. That would be mailsrv.mymailserver.com That is what we used, never did we use mail.mycustomersdomain.com. I told him that it has to be saved somehow in his Icloud account, but I still don't know how that is happening. Customers always tell the truth :o)
 
Anyway, I can see why it failed, but any one able to tell me how come why for it is happening?
Remember kids, every time a spam message gets blocked, a nerd gets their glasses. spamhurts/July 15

2 Replies

Reply to Thread
0
SpamHurts Replied
August 22, 2015 at 9:23 PM
bump
Remember kids, every time a spam message gets blocked, a nerd gets their glasses. spamhurts/July 15
1
Joe Wolf Replied
August 23, 2015 at 10:36 AM
Are you using the latest version of SmarterMail?  I seem to remember a fix for a Mac Mail problem in the last few versions.
Thanks,
-Joe

Reply to Thread