[SGVLUG] I can't send email (but now I can).
David Lawyer
dave at lafn.org
Wed Jun 7 15:27:04 PDT 2006
I couldn't send email due to my ISP starting to require TLS security
after June 1. It's taken a lot of time to figure out what was wrong
and it's an example of how desktop users might get turned off with
Linux.
My email uses mutt (Mail User Agent) and exim (Mail Transport Agent).
So prior to June 1, I check my logs for exim (in /var/log/exim4) and
noticed that TLS security was already being used for each email. So I
thought: there will be no problem with the requirement for TLS since
it's already working.
Next, a few days after June 1st (after TLS was required) I happened to
look at my mail queue and found a number of frozen messages. Further
checking showed that they had been refused by my ISP due to lack of
authentication (failed TLS ?). This was strange because I hadn't changed
anything and TLS was previously working. I read over parts of the
Debian README for exim and it said the TLS is automatically enabled as
a client and there is nothing to configure. It even said "you can
stop reading now". Wrong: It turned out (after hours of checking,
including watching the email negotiations) that I needed to populate the
file /etc/exim4/passwd.client with my mail-server-name, my user-name
and my mail-server-password. Even then it didn't work because the
mail-server-name must be the canonical name of the server.
Then a couple of days later it stopped working and I didn't know why.
It turned out that I had modified the exim config. file by using my
mail-server's IP number instead of the mail server's name
(non-canonical by the way). I did this thinking it would save a DNS
lookup. So I then eventually added the IP number to the
/etc/exim4/passwd.client file and it was fixed. But for checking out
this last problem, I downloaded the swaks debian package which is
supposed to be for debugging email. But it was missing the perl
module that one needs for TLS which was in the "Suggests" list for the
package. Trying to find perl module packages wasn't easy since I
didn't know how they were named. The perl name is like: NET::SSLeay
and there's a Debian package for it but you'll not find it at the
Debian site by searching on the perl name.
However, after all the trouble of getting swaks to work with DNS, I
still couldn't trace the problem and had to use exim in debug mode.
swaks did show that my email server worked OK with TLS without using
the canonical name of the server. In other words, it's likely that my
exim side of the negotiations was refusing the trasfer. Anyway, my
email works fine now although I still don't fully understand a few
things.
So while mutt and exim is a nice mail system, it takes some computer
savvy to keep it working. And most desktop users wouldn't have the
knowledge or the time to deal with such a problem. The plus side of
solving such a problem is that you learn something about smtp
negotiations, etc. and perl module names by doing this but it's not
for the typical desktop user.
David Lawyer
More information about the SGVLUG
mailing list