[opensuse] Postfix, stunnel, and MS Exchange
Got a problem I hope someone can answer. This is my situation. My home office (i.e. mail relay) uses MS Exchange. It seems it will only listen on port 25. They are wanting all mail to be transport encrypted. They have setup stunnel to listen on port 465 and 2525 for their exchange server. It works with most email clients to select ssl encryption for the smtp server on port 465 (they also use auth). I tried but could not get the smtp client of postfix to work with that setup to relay mail through them here at home. My ISP blocks all port 25 traffic to force all smtp traffic to go through them. At the office (I was testing first at home) we use a different ISP that does not block port 25. On port 25 (with telnet) their exchange server responds, but there is nothing if telneted to port 465 pr 2525. I got postfix's smtp client to work at work (it uses TLS on port 25), including auth. Here at home, I need to get it working as well (and at least Eudora also has a problem with their setup if port 25 is blocked by the ISP). Is there a way to get it working as is, or could I install and setup stunnel to get the postfix smtp client to work through stunnel on either port 2525 or 465? Is so, any pointers? TIA for any help or alternate ideas. -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 12 January 2007 00:54, Joe Morris (NTM) wrote:
Got a problem I hope someone can answer. This is my situation. My home office (i.e. mail relay) uses MS Exchange. It seems it will only listen on port 25.
The Port is configurable. And you can add additional Ports of course.
They are wanting all mail to be transport encrypted. They have setup stunnel to listen on port 465 and 2525 for their exchange server. It works with most email clients to select ssl encryption for the smtp server on port 465 (they also use auth). I tried but could not get the smtp client of postfix to work with that setup to relay mail through them here at home.
This SSL-Mode is not supported by Postfix. Postfix supports the Standard way (Client-Side) where the Connection is established unencrypted and the Encryption is switched on after that (STARTTLS). Most Clients will support the SSL-Mode, so you will have luck with Clients.
My ISP blocks all port 25 traffic to force all smtp traffic to go through them. At the office (I was testing first at home) we use a different ISP that does not block port 25. On port 25 (with telnet) their exchange server responds, but there is nothing if telneted to port 465 pr 2525.
You cannot telnet to an already encrypted Port. If you want to test that, use openssl as client. $ openssl s_client -connect ... man openssl man s_client
I got postfix's smtp client to work at work (it uses TLS on port 25), including auth. Here at home, I need to get it working as well (and at least Eudora also has a problem with their setup if port 25 is blocked by the ISP). Is there a way to get it working as is, or could I install and setup stunnel to get the postfix smtp client to work through stunnel on either port 2525 or 465? Is so, any pointers? TIA for any help or alternate ideas.
Hmm, the best way would be to configure your Exchange Box to listen on a second Port with TLS enabled maybe 465 or 26 or whatever. Another way of course would be to setup stunnel on your Home-Postfix-Box to reconvert the encrypted Session in an unencrypted. -- Andreas -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Andreas Winkelmann wrote:
On Friday 12 January 2007 00:54, Joe Morris (NTM) wrote:
Got a problem I hope someone can answer. This is my situation. My home office (i.e. mail relay) uses MS Exchange. It seems it will only listen on port 25.
The Port is configurable. And you can add additional Ports of course.
Just to be sure I we are understanding each other, you are saying it IS possible for MS Exchange to listen on other ports? I definitely think this is the correct way to solve this problem, but if it is possible do you know how (or any links to some info). I was under the understanding it wasn't possible to change it (but they are Windows admins and not used to the freedom of choice). BTW, it seems to be Exchange 6.5. Thanks much for your help, your email confirms much of what I had found by testing and more testing. -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 12 January 2007 09:53, Joe Morris (NTM) wrote:
Andreas Winkelmann wrote: Just to be sure I we are understanding each other, you are saying it IS possible for MS Exchange to listen on other ports? I definitely think this is the correct way to solve this problem, but if it is possible do you know how (or any links to some info).
You can change the services file just like in unix, have a look here: http://support.microsoft.com/default.aspx?scid=kb;en-us;173903 The article is based on Exchange 5.5 (I wonder when they'll start calling it Exchange Classic) because there is no way to change it from the Exchange admin software in that version. I think they changed this behaviour in later versions but if you can't find the setting then it's probably worth giving it a bash. HTH, James. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Watkins wrote:
On Friday 12 January 2007 09:53, Joe Morris (NTM) wrote:
Just to be sure I we are understanding each other, you are saying it IS possible for MS Exchange to listen on other ports? I definitely think this is the correct way to solve this problem, but if it is possible do you know how (or any links to some info).
You can change the services file just like in unix, have a look here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;173903
The article is based on Exchange 5.5 (I wonder when they'll start calling it Exchange Classic) because there is no way to change it from the Exchange admin software in that version. I think they changed this behaviour in later versions but if you can't find the setting then it's probably worth giving it a bash.
Thanks for that info James, but I was wanting Exchange to listen to 25 AND maybe 2525. I don't suppose it would work making 2 smtp entries in its services file. -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 12 January 2007 12:14, Joe Morris (NTM) wrote:
Thanks for that info James, but I was wanting Exchange to listen to 25 AND maybe 2525. I don't suppose it would work making 2 smtp entries in its services file.
Sorry, I misunderstood you. I'm afraid I couldn't tell you how to make Exchange listen on two ports at the same time but it looks like someone else has got the answer. Good luck, James. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 12 January 2007 10:53, Joe Morris (NTM) wrote:
Got a problem I hope someone can answer. This is my situation. My home office (i.e. mail relay) uses MS Exchange. It seems it will only listen on port 25.
The Port is configurable. And you can add additional Ports of course.
Just to be sure I we are understanding each other, you are saying it IS possible for MS Exchange to listen on other ports? I definitely think this is the correct way to solve this problem, but if it is possible do you know how (or any links to some info). I was under the understanding it wasn't possible to change it (but they are Windows admins and not used to the freedom of choice). BTW, it seems to be Exchange 6.5. Thanks much for your help, your email confirms much of what I had found by testing and more testing.
Exchange System-Manager -> Organisation -> Administrative Groups -> Administrative Group -> Servers -> Server -> Protocols -> SMTP -> Properties of default SMTP Virtual Server -> IP Address ... Advanced -> Add .... -- Andreas -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Andreas Winkelmann
-
James Watkins
-
Joe Morris (NTM)