Atomicorp

Ok, I have a client that gets the 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) error when he reply's to an email that he has never initiated an email to. This happens constantly. If he has previously sent the recipient an email and then reply's to a reply, no issues. He is using Outlook '07 if this has anything to do with the problem.

Using port 587.

What other information would be needed to help trouble shoot this?

Thanks.

Huh, thats what Id expect to see if its not authenticating on a relay event

One of my bosses, when working from home, has the same exact issue. His Outlook is set to authenticate so I can't figure what else could be wrong. Any ideas?

Ok, maybe this has to do with how I've got my email setup and how I've been telling clients to setup outlook.

Current Mail settings in Plesk:

All of these are selected:
authorization is required:
POP3 lock time 20 Min
SMTP

Current version of Plesk = 9.2.1
Domain Keys and psa-spamassassin are not enabled.
Running ART qmail.scanner, pyzor, DCC, clamd, spamassassin.

In outlook I have them selecting outgoing server requires authentication and then log on to incoming mail server first.

I have 3 files related to SMTP in my /etc/xinetd.d dir. Do I need all 3?

[root@gz xinetd.d]# more smtp_psa
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
env = POPLOCK_TIME=20 SMTPAUTH=1 POPAUTH=1 SHORTNAMES=1
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qm
ail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}

[root@gz xinetd.d]# more submission_psa
service submission
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = qmaild
instances = UNLIMITED
env = SUBMISSION=1 SMTPAUTH=1 SHORTNAMES=1
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bi
n/cmd5checkpw /var/qmail/bin/true
}

[root@gz xinetd.d]# more smtp_additional
service submission
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
env = SMTPAUTH=1 POPAUTH=1 POPLOCK_TIME=5 SHORTNAMES=1
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qma
il/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}

Remember that Outlook 2007, and mac email clients, are not compatible with Plesk's qmail's "proper" smtp authentication IF pop-before-relay (POP-LOCKING) is also enabled.

With the configs you have, by selecting receive before sending in the email client's authentication settings, all should work AS LONG as the client is NOT using port 587 (your config shows no pop-lock for the submission port). But from what you said, he is using 587.

So strip things back to basics. There's no chance that this has anything to do with having received an email from some particular person before or not (at least not in the way you might imagine). What's happening is something to do with incorrect authentication.

In other words, get him to use full smtp authentication, on port 587, with a full username (full email address) and password, not receive before sending. That should do it. (or at least I really hope so!).

Faris.

Made the change in the Outlook '07 client to not use the my SMTP server requires field and tested to be sure he could send. So his login is full name, pw and only port 587. He got a 553 error last night. Puzzling...

You should really just use SMTP AUTH and none of the other schemes like POP before, etc.. Plain old SMTP AUTH works on any mail client.

Still having issues, so just want to be sure I've got this configured correctly.

Plesk CP under Settings > Mail Server Settings > I have the following:
Relaying:
authorization is required: (YES)
POP3 lock time 20 Min (selected)
SMTP (selected)

Use either short or long name to login.

So, I'm assuming that the first part is ok? and I neec to change the bottom to be only long name Correct?

In the outlook client, login name is long, under the more settings, port 587 is set on the advanced tab and nothing checked / selected under the outgoing server tab.

Would the IP address that they are using have a play in this? I'm thinking / looking for best practice on the DNS portion of this.

Currently for most domains I'm using mail. or smtp. domain pointing to the IP address that they are being hosted on. Would this be correct or would it be more correct to have those MX records pointing to the main server IP?

Clients are getting frustrated as this doesn't happen except when they are under pressure to get information to their clients and I would really love to solve this.

This may be what's causing the problem:

POP3 lock time 20 Min (selected)

Although this only applies to port 25, it may have some relation to the problem. I'm just guessing/hoping.

Faris.

Thanks for that Faris, I'll try it without the pop locking checked. I'll report back.

Ok, this is driving me nuts..

Updated PSA to 9.2.3, yum update (no updates), removed check from pop lock so now server is only set for SMTP.

Could this be happening because of how I have my DNS setup? I wouldn't think so bu I could be wrong.

When I do a service stop on qmail I'm still getting this as running:
qmaild 4100 0.0 0.0 4832 1032 ? Ss 08:35 0:00 /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true

I just know I've got a config error somplace.. How do I get qmail to completely stop? I see qmail-smtpd, qmail-send qmail-clean all running even after I issue qmail stop. Are they supposed to keep running or do I have a real problem?