msmtp question

[Noonmid27]

hi guysI setup a mail server that uses fetchmail, procmail and msmtp..........i have the gmail certificate and the equifax certificate so when i fetch my mail i it uses encryption, i also have a certificate for msmtp........i have all the configuration files that are need to send and receive mail..........but when i try to send mail i get this message. msmtp: authentication failed (method PLAIN)msmtp: server message: 535 5.7.1 Credentials Rejected q15sm10428533qbq.0msmtp: could not send mail (account default from /home/malcolm/.msmtprc)my msmtprc looks like thisaccount defaulthost smtp.gmail.comport 587from 'username@gmail.com'tls ontls_starttls ontsl_trust_file /home/username/.certs/ThawtePremiumServerCA.crtauth onuser 'username'password '*********'logfile ~/.msmtp.logwhat is the problem and how can i fix this issue.........im able to receive mail but i cant sendmail.

[Bruno]

Hi NoonI have no knowledge of the msmtp program myself . . . but are you sure that port 587 is the correct one ??According to what I know port 465 is for secure-smtp . . . Bruno

[lewmur]

Hi NoonI have no knowledge of the msmtp program myself . . . but are you sure that port 587 is the correct one ??According to what I know port 465 is for secure-smtp . . . Bruno

I think 587 is the current port of choice. Though this site smtp ports does suggest that if 587 fails to try 465. Edited January 5, 2008 by lewmur

[striker]

I think it reacts to you're sending mail like a relay, which most ISPs don't allow with a regular account.What happens if you send an email through a regular mail client?What is in your msmtp.log?My mail client uses the below setting which I can check or uncheck:

Use not-blocking SSLTurn this off if you have SSL connection problems.

I have to uncheck this.Maybe the above give you some hints.

[Noonmid27]

I think it reacts to you're sending mail like a relay, which most ISPs don't allow with a regular account.What happens if you send an email through a regular mail client?What is in your msmtp.log?My mail client uses the below setting which I can check or uncheck:I have to uncheck this.Maybe the above give you some hints.

this is what my msmtp.log looks likeJan 05 04:04:05 host=smtp.gmail.com tls=on auth=on user='inshanster' from='inshanster@gmail.com' recipients=inshanster@gmail.com errormsg='cannot set X509 trust file /home/malcolm/.certs/ThawtePremiumServerCA.crt for TLS Session: Error while reading file.' exitcode=EX_NOINPUTJan 05 04:06:51 host=smtp.gmail.com tls=on auth=on user='inshanster' from='inshanster@gmail.com' recipients=inshanster@gmail.com smtpstatus=535 smtpmsg='535 5.7.1 Credentials Rejected q15sm10428533qbq.0' errormsg='authentication failed (method PLAIN)' exitcode=EX_NOPERMJan 05 04:12:02 host=smtp.gmail.com tls=on auth=on user='inshanster' from='inshanster@gmail.com' recipients=smtp.gmail.com smtpstatus=535 smtpmsg='535 5.7.1 Credentials Rejected q16sm1183723qbq.0' errormsg='authentication failed (method PLAIN)' exitcode=EX_NOPERM

[Bruno]

Hi Noon . . . . You say your msmtprc looks like:

account defaulthost smtp.gmail.comport 587from 'username@gmail.com'tls ontls_starttls ontsl_trust_file /home/username/.certs/ThawtePremiumServerCA.crtauth onuser 'username'password '*********'logfile ~/.msmtp.log

should not the line "tsl_trust_file /home/username/.certs/ThawtePremiumServerCA.crt" be "tsl_trust_file /home/malcolm/.certs/ThawtePremiumServerCA.crt" ??Also, not using Gmail myself . . . . but I am wondering if you really can use gmail.com as your smtp server. Bruno

[striker]

Hi Noon . . . . You say your msmtprc looks like: should not the line "tsl_trust_file /home/username/.certs/ThawtePremiumServerCA.crt" be "tsl_trust_file /home/malcolm/.certs/ThawtePremiumServerCA.crt" ??Also, not using Gmail myself . . . . but I am wondering if you really can use gmail.com as your smtp server. Bruno

Bruno, Gmail works Ok if set up properly. The ports noon uses are the right ones as far as I know. The problem however in this case might be noon using his own server. That means his server would probably acting like an ISPs server. Now when he wants to send some mail, he sends it to his server and that server sends it to the Gmail server. His own server will be seen by the Gmail server as a relaying server (and not like a regular email client ! ) which they probably reject for obvious reasons while using a standards account.I think the solution lays in the msmtp.log noon posted, but I don't use his set up myself so I can't be of any further assistance.

[Noonmid27]

Bruno, Gmail works Ok if set up properly. The ports noon uses are the right ones as far as I know. The problem however in this case might be noon using his own server. That means his server would probably acting like an ISPs server. Now when he wants to send some mail, he sends it to his server and that server sends it to the Gmail server. His own server will be seen by the Gmail server as a relaying server (and not like a regular email client ! ) which they probably reject for obvious reasons while using a standards account.I think the solution lays in the msmtp.log noon posted, but I don't use his set up myself so I can't be of any further assistance.

I have another quick quesiton.........would i need to have port 587 or 465 open on my computer to send mail......right now i dont have either one open.........could that be the problem. because if my mail is sent to my server first then i would need to have those ports open correct.

[striker]

Just try it and see what it does.If the Thawte cert. can be read now, then it should work imo.

[Bruno]

Why not do a test and remove these 3 lines from your msmtprc ?

tls ontls_starttls ontsl_trust_file /home/username/.certs/ThawtePremiumServerCA.crt

At least then you know where things go wrong. BrunoPS: You could also subscribe to the mailinglist and see if they can help you to take the next step. ( or check their Archives maybe your question is already covered )

[Noonmid27]

Why not do a test and remove these 3 lines from your msmtprc ? At least then you know where things go wrong. BrunoPS: You could also subscribe to the mailinglist and see if they can help you to take the next step. ( or check their Archives maybe your question is already covered )

hi guysI know most of you dont use the configuration that i am using but............i made some changes to the system wide muttfc file........some now it has sendmail = /usr/local/bin/msmtp.......i have that path set as well in the user muttrc file.......i also made a change in /etc/stunnel/stunnel.cnf so it read this now distinguished_name = req_dnx509_extensions = cert_type[ req_dn ]countryName = Country Name (2 letter code)countryName_default = PLcountryName_min = 2countryName_max = 2stateOrProvinceName = State or Province Name (full name)stateOrProvinceName_default = Some-StatelocalityName = Locality Name (eg, city)0.organizationName = Organization Name (eg, company)0.organizationName_default = Stunnel Developers LtdorganizationalUnitName = Organizational Unit Name (eg, section)#organizationalUnitName_default =0.commonName = Common Name (FQDN of your server)0.commonName_default = localhost# To create a certificate for more than one name uncomment:# 1.commonName = DNS alias of your server# 2.commonName = DNS alias of your server# ...# See http://home.netscape.com/eng/security/ssl_...ertificate.html# to see how Netscape understands commonName.[ cert_type ]nsCertType = serversetuid = smtpauthsetgid = amtpauthdebug = auth.noticeclient = no[smtps]accept = 465exec = /usr/sbin/stunnelexecargs = smtpauth domain 127.0.0.1when i send mail with mutt it says send but the message does not reach the recipient. what else can i try.

[Noonmid27]

hi guysI know most of you dont use the configuration that i am using but............i made some changes to the system wide muttfc file........some now it has sendmail = /usr/local/bin/msmtp.......i have that path set as well in the user muttrc file.......i also made a change in /etc/stunnel/stunnel.cnf so it read this now distinguished_name = req_dnx509_extensions = cert_type[ req_dn ]countryName = Country Name (2 letter code)countryName_default = PLcountryName_min = 2countryName_max = 2stateOrProvinceName = State or Province Name (full name)stateOrProvinceName_default = Some-StatelocalityName = Locality Name (eg, city)0.organizationName = Organization Name (eg, company)0.organizationName_default = Stunnel Developers LtdorganizationalUnitName = Organizational Unit Name (eg, section)#organizationalUnitName_default =0.commonName = Common Name (FQDN of your server)0.commonName_default = localhost# To create a certificate for more than one name uncomment:# 1.commonName = DNS alias of your server# 2.commonName = DNS alias of your server# ...# See http://home.netscape.com/eng/security/ssl_...ertificate.html# to see how Netscape understands commonName.[ cert_type ]nsCertType = serversetuid = smtpauthsetgid = amtpauthdebug = auth.noticeclient = no[smtps]accept = 465exec = /usr/sbin/stunnelexecargs = smtpauth domain 127.0.0.1when i send mail with mutt it says send but the message does not reach the recipient. what else can i try.

another question i have is how to find a specific line in a file fast.......because scrolling up and down with the text editor can be quite tedious especially with big files like the system wide muttrc file.

[Bruno]

another question i have is how to find a specific line in a file fast.......because scrolling up and down with the text editor can be quite tedious especially with big files like the system wide muttrc file.

I would use the "find" function of the kwrite editor . . . . Bruno