Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

SMTP errors when using authentication

Hello,

I honestly searched all the forum and cannot find what I am looking for.

My system/installation info is as follows:

#CCCCCC 1.0pt;mso-border-bottom-alt:solid #CCCCCC .75pt; mso-yfti-tbllook:1184">

osTicket Version

v1.9.3 (bba9ccc)

Server Software

Microsoft-IIS/7.5

PHP Version

5.6.1

MySQL Version

5.6.21


Running on Windows Server 2008 R2It is configured to create tickets by fetching e-mails only as it is on our internal LAN and not on the public web server. The MS Exchange Server is hosted by the 3rd party.IMAP/POP3 both with SSL and without SSL work fine, but I cannot get SMTP working.I have the support@ e-mail configured in the Emails. I enable SMTP, enter the SMTP address supplied by our hosting provider, the port, etc. When I select Authentication Required = No, the e-mails are sent all right, but only within the @ourcompany.com domain, I get the error message in the system log saying 
Unable to email via SMTP:smtp.provider.com:25 [support@ourcompany.com] Failed to add recipient: email@domain [SMTP: Invalid response code received from server (code: 550, response: 5.7.1 Unable to relay)]

As, obviously, the Exchange is configured not to allow Relay for non-authenticated users.

When I change Authentication required to Yes I get the following error:

Sending Email via SMTP   
authentication failure [SMTP: STARTTLS failed (code: 220, response: ready for tls)]

Comments

  • I've read that I need openssl enabled. Here is my openssl version:

    OpenSSL support                  enabled

    OpenSSL Library Version    OpenSSL 1.0.1i 6 Aug 2014

    OpenSSL Header Version   OpenSSL 1.0.1i 6 Aug 2014

    Directive                                  Local Value                               Master Value

    openssl.cafile                         no value                                      no value

    openssl.capath                       no value                                      no value

    Can anyone help me to understand what I am missing. I am not an expert on SSL, but I can see that CA certificate is missing, am I getting the error because of this? Also is there any way to enable logs specific for SMTP if I am not using the PHP mail function (I know that PHP mail log is configured in php.ini). I am not even getting as far as to select how to send e-mails: via SMTP or PHP mail because I cannot save my SMTP settings. Also I don't want to edit any .php files as it was suggested in one of the threads to disable STARTTLS. My preference is to use STARTTLS. Any help appreciated

  • Why not just log into Exchange, open the Exchange Management Console, go to Server Configuration -> Hub Transport, and setup a receive connector for your web server?
  • Why not just log into Exchange, open the Exchange Management Console, go to Server Configuration -> Hub Transport, and setup a receive connector for your web server?
    Because I don't have access to the Exchange server configuration. I can only create mailboxes with some standard properties using the portal the 3rd party is operating. I might probably ask them to change the config, but the problem is that the service is the shared exchange, they might not be willing to change anything at all...
  • Maybe someone has some ideas about how to switch to using some other class(es). I was reading about the PHPMailer, etc. but it is still not clear to me what my options are. In the osTicket help documentation I can only see that there is that built-in PHP mail (which is configured in php.ini), and SMTP. What else could I try?
  • Your options are PHPmail or SMTP, neither will work with out a properly configured email server however.
  • The email server is configured properly. I can connect to the same smtp server and port over TLS using Outlook. But when I enter the same information in the e-mail configuration in osTicket, I get the error
  • edited November 2014
    So then you have setup a receive connector for your 3rd party hosted Exchange Server to allow your webserver to send mail through it?

    Are you running outlook on the webserver?

    Have you tried: putting tls:// before smtp.domain.ext
  • I don't know how the receive connectors are set up on the exchange as I said. Do you think there is a difference in terms of what client applications can send mail? So Outlook can be allowed while a web app is not? I need to ask the provider very specific questions, they have been useless so far...

    No, no Outlook on the webserver, I was testing the smtp configuration from Outlook installed on another machine. But I don't think there are any problems with this (such as firewall, etc.)

    Have tried tls://, getting [SMTP: Failed to connect socket: fsockopen(): unable to connect to tls://auth.provider.com:25 (Unknown error) (code: -1, response: )]

    I suppose I need to go back to the Exchange support team once again at this stage. Thanks for all the suggestions.
  • I see one possible issue. If I'm not mistaken, a TLS connection uses some other port than 25.  I didn't pay much attention to this topic when I saw it was related to Exchange (not my strength at all).  But now I'm wondering why your system must use Exchange for its OUTBOUND mail. This seems unnecessarily messy.  Do you have no other options?

    Jack
  • I wrote something similar and apparently never hit post comment, because it was still sitting here when I came back to the post saved as a draft.  Oops.

    I use Exchange for my outgoing mail also, but we do not use SMTP Auth, but do limit connections only from specific places.
  • I guess that's common for Windows hosts, since (I think) they don't come with SMTP servers built-in like virtually every Linux distribution and every Unix flavor.

    Jack
  • Yeah.  You can configure PHP to use exchange for mail (see the windows mail section of the php.ini) and use phpMail. 
  • edited December 2014
    It is just terminology. By Exchange I mean the product: Microsoft Exchange Server. The product supports:
    1) Microsoft Exchange Server uses a proprietary RPC protocol, MAPI/RPC,[35] that was designed to be used by Microsoft Outlook
    2) E-mail hosted on an Exchange Server can also be accessed using SMTPPOP3 and IMAP4 protocols
    So I am connecting to the Exchange server using SMTP. And both ports 25 and 587 work from Outlook. So I am definitely writing to the service provider to see if they differentiate between different clients (Outlook vs non-Outlook
    If I fail I might look at the option of using the Exchange protocol (didn't know I would do that, thanks!)
  • Ok, I gave up struggling with SMTP. Decided to use PHP mail for the auto-response e-mail address which needs sending e-mails to external recipients. And I am using sendmail as per http://php.net/manual/en/ref.mail.php as the native PHP mail does not allow authentication
    Not sure what the problem was with the pear class, but sendmail works perfectly all right.
  • slight clarification:
    2) E-mail hosted on an Exchange Server can also be accessed using SMTPPOP3 and IMAP4 protocols

    Exchange does not ship with those services (POP/IMAP) enabled by default, and the server needs configured to enable them.  And when it comes to SMTP you need to setup setup a receive connectors.

    I'm glad that you got this working (although in s slightly different configuration than you originally intended).  Should I mark this thread as resolved and close it?

  • slight clarification: 2) E-mail hosted on an Exchange Server can also be accessed using SMTP, POP3 and IMAP4 protocols Exchange does not ship with those services (POP/IMAP) enabled by default, and the server needs configured to enable them.  And when it comes to SMTP you need to setup setup a receive connectors. 
    I assume that if sending mails worked using 'sendmail' the SMTP configuration on the Exchange server is ok. I have a suspicion that something is wrong with the way the pear class starts negotiation after having established the secure session (STARTTLS).

    Yes, the thread can be closed. My solution works. The only limitation to this solution is that I cannot use several auto-response e-mails because the sendmail config can only take 1 account/1 send from e-mail.
  • I've let the devs know what you think, and maybe they will find something that we did not.

    Closing thread.  Feel free to start a new thread if you have another question, comment, etc.
This discussion has been closed.