Windows Server Forum / IIS / SMTP/NNTP / October 2008

IIS as Smarthost - Trouble with encrypted mail

B. Wolf - 30 Sep 2008 15:48 GMT
Hello folks,

having the following problem:

An encrypted Mail isn't delivered from the Smarthost (IIS 5.1 on Windows XP
Prof.) to the destination server. The smarthost quits undefinably the SMTP
dialogue.

Please see the following protocol:

The encrypted Mail on its way from Exchange 2007 to Windows XP IIS 5.1 for
delivery...
2008-09-29 18:12:25 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 EHLO - +fs02.domaene.local 250 0 160 23 0 SMTP - - - -
2008-09-29 18:12:25 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 MAIL - +FROM:<h.mueller@domaene.de> 250 0 45 59 0 SMTP - - - -
2008-09-29 18:12:25 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 RCPT - +TO:<info@datev.de> 250 0 26 23 0 SMTP - - - -
2008-09-29 18:12:25 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 DATA -
+<27F0514DC145A44388F427383F332A3C0982BF06DC@fs02.domaene.local> 250 0 101
12812 63 SMTP - - - -
2008-09-29 18:12:25 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 QUIT - fs02.domaene.local 0 63 66 4 0 SMTP - - - -

...The smarthost quits undefinably the SMTP dialogue after greetings - Why?
2008-09-29 18:12:25 - OutboundConnectionResponse SMTPSVC1 MAILGW - 25 - -
220+mailin02.datev.de+ESMTP+ 0 0 28 0 94 SMTP - - - -
2008-09-29 18:12:25 mailin02.datev.de OutboundConnectionCommand SMTPSVC1
MAILGW - 25 EHLO - isa.domaene.de 0 0 4 0 94 SMTP - - - -
2008-09-29 18:12:25 mailin02.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250-mailin02.datev.de 0 0 21 0 141 SMTP - - - -
2008-09-29 18:12:25 mailin02.datev.de OutboundConnectionCommand SMTPSVC1
MAILGW - 25 QUIT - - 0 0 4 0 235 SMTP - - - -
2008-09-29 18:12:25 mailin02.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 221+2.0.0+Bye 0 0 13 0 297 SMTP - - - -

...NDR is created...
2008-09-29 18:12:25 - OutboundConnectionResponse SMTPSVC1 MAILGW - 25 - -
220+fs02.domaene.local+Microsoft+ESMTP+MAIL+Service+ready+at+Mon,+29+Sep+2008+20:12:27++0200 0 0 92 0 0 SMTP - - - -
2008-09-29 18:12:25 fs02.domaene.local OutboundConnectionCommand SMTPSVC1
MAILGW - 25 EHLO - isa.domaene.de 0 0 4 0 0 SMTP - - - -
2008-09-29 18:12:25 fs02.domaene.local OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250-fs02.domaene.local+Hello+[192.168.1.8] 0 0 42 0 0 SMTP -
- - -
2008-09-29 18:12:25 fs02.domaene.local OutboundConnectionCommand SMTPSVC1
MAILGW - 25 MAIL - FROM:<> 0 0 4 0 0 SMTP - - - -
2008-09-29 18:12:25 fs02.domaene.local OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250+2.1.0+Sender+OK 0 0 19 0 0 SMTP - - - -
2008-09-29 18:12:25 fs02.domaene.local OutboundConnectionCommand SMTPSVC1
MAILGW - 25 RCPT - TO:<h.mueller@domaene.de> 0 0 4 0 0 SMTP - - - -
2008-09-29 18:12:25 fs02.domaene.local OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250+2.1.5+Recipient+OK 0 0 22 0 0 SMTP - - - -
2008-09-29 18:12:25 fs02.domaene.local OutboundConnectionCommand SMTPSVC1
MAILGW - 25 BDAT - 14405+LAST 0 0 4 0 0 SMTP - - - -
2008-09-29 18:12:26 fs02.domaene.local OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - -
250+2.6.0+<bC8wSA1Xv00000001@isa.domaene.de>+Queued+mail+for+delivery 0 0 72
0 140 SMTP - - - -

...................
Diagnoseinformationen für Administratoren:

Generierender Server: isa.domaene.de

info@datev.de
#< #5.6.1 smtp;554 5.6.1 Body type not supported by Remote Host> #SMTP#

Ursprüngliche Nachrichtenkopfzeilen:

Received: from fs02.domaene.local ([192.168.1.4]) by isa.domaene.de with
Microsoft SMTPSVC(6.0.2600.5512);    Mon, 29 Sep 2008 20:12:25 +0200
Received: from fs02.domaene.local ([192.168.1.4]) by fs02.domaene.local
([192.168.1.4]) with mapi; Mon, 29 Sep 2008 20:12:26 +0200
Content-Transfer-Encoding: binary
From: Hans Mueller <h.mueller@domaene.de>
To: "info@datev.de" <info@datev.de>
Date: Mon, 29 Sep 2008 20:12:25 +0200
Subject: TEST
Thread-Topic: TEST
Thread-Index: AckiXug8r6YzMztPTpqRX2BKPfnafg==
Message-ID: <27F0514DC145A44388F427383F332A3C0982BF06DC@fs02.domaene.local>
Accept-Language: de-DE
Content-Language: de-DE
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
<27F0514DC145A44388F427383F332A3C0982BF06DC@fs02.domaene.local>
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="_e43d1c26-2d6c-4480-a1f1-ddb7e6d38972_"
Return-Path: h.mueller@domaene.de
X-OriginalArrivalTime: 29 Sep 2008 18:12:25.0726 (UTC)
FILETIME=[ED1ED1E0:01C9225E]
...................

The Mail again, but this time, according to changes of configuration of the
sendconnector (in Ex2007), the Exchange 2007 sends a HELO instead of EHLO...
when sending the Mail to smarthost...

2008-09-29 18:27:01 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 HELO - +fs02.domaene.local 250 0 43 23 0 SMTP - - - -
2008-09-29 18:27:01 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 MAIL - +FROM:<h.mueller@domaene.de> 250 0 45 32 0 SMTP - - - -
2008-09-29 18:27:01 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 RCPT - +TO:<info@datev.de> 250 0 26 23 0 SMTP - - - -
2008-09-29 18:27:01 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 DATA -
+<27F0514DC145A44388F427383F332A3C0982BF06DD@fs02.domaene.local> 250 0 147
16364 63 SMTP - - - -
2008-09-29 18:27:01 192.168.1.4 fs02.domaene.local SMTPSVC1 MAILGW
192.168.1.8 0 QUIT - fs02.domaene.local 0 63 66 4 0 SMTP - - - -

...and now the Mail is on its way...
2008-09-29 18:27:01 - OutboundConnectionResponse SMTPSVC1 MAILGW - 25 - -
220+mailin01.datev.de+ESMTP+ 0 0 28 0 266 SMTP - - - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionCommand SMTPSVC1
MAILGW - 25 EHLO - isa.domaene.de 0 0 4 0 266 SMTP - - - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250-mailin01.datev.de 0 0 21 0 313 SMTP - - - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionCommand SMTPSVC1
MAILGW - 25 MAIL - FROM:<h.mueller@domaene.de>+SIZE=16626 0 0 4 0 375 SMTP -
- - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250+2.1.0+Ok 0 0 12 0 422 SMTP - - - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionCommand SMTPSVC1
MAILGW - 25 RCPT - TO:<info@datev.de> 0 0 4 0 422 SMTP - - - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250+2.1.5+Ok 0 0 12 0 500 SMTP - - - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionCommand SMTPSVC1
MAILGW - 25 DATA - - 0 0 4 0 500 SMTP - - - -
2008-09-29 18:27:01 mailin01.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 354+End+data+with+<CR><LF>.<CR><LF> 0 0 35 0 563 SMTP - - - -
2008-09-29 18:27:07 mailin01.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 250+OK+id=149852::080929202939-37EC7E60-6BF407D0/0-0/0-0 0 0
56 0 5391 SMTP - - - -
2008-09-29 18:27:07 mailin01.datev.de OutboundConnectionCommand SMTPSVC1
MAILGW - 25 QUIT - - 0 0 4 0 5422 SMTP - - - -
2008-09-29 18:27:07 mailin01.datev.de OutboundConnectionResponse SMTPSVC1
MAILGW - 25 - - 221+2.0.0+Bye 0 0 13 0 5484 SMTP - - - -

The Smarthost (IIS) is configured not to offer 8Bit-MIME. What's the
problem? After changing the sendconnector from EHLO to HELO, we have some
suspicious behaviours: Mails hang in queue for hours or days, Mails are sent
200 times or mails are sent without attachments...

So, I think I need an EHLO from Exchange, but how do I get the encrypted mail
delivered? What can I do? Thanks in advance.

Kind regards,
B. Wolf
Sanford Whiteman - 30 Sep 2008 20:41 GMT
> An  encrypted  Mail  isn't  delivered from the Smarthost (IIS 5.1 on
> Windows  XP  Prof.)  to  the destination server. The smarthost quits
> undefinably the SMTP dialogue.

The  symptoms  you  have  described are consistent. If the originating
server announces itself as ESMTP-capable (by issuing an EHLO), yet the
next  hop  does  not list 8BITMIME as one of its ESMTP extensions, and
the  message  cannot  be  reencoded, then the message will be rejected
outright -- both sides will have been honest and cooperative.

If the originating server claims that a session does not require ESMTP
(by  issuing  a  plain  HELO),  and  the  content  of  the  message is
appropriately reencoded, then the message can be transmitted.

If  you  send a HELO and expect that messages have been reencoded, but
the  reencoding is broken or inconsistently applied, then the messages
can  be  force-fed  to  the  next  hop,  but mangling will result when
viewing the decoded messages.

You  casually  say  "The  Smarthost  (IIS)  is configured not to offer
8Bit-MIME".  Simply:  why not? That should be the first thing you turn
back on.

--Sandy

------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
------------------------------------
B. Wolf - 01 Oct 2008 06:38 GMT
Thanks for your reply, Sandy.

Yesterday I sent the same encrypted Mail for testing. Before, I configured
the smarthost to accept 8Bitmime, but anyway, the mail isn't delivered. The
SMTP dialogue breaks at the same point (after greetings) and an NDR is sent.

5.6.1 Body type not supported by Remote Host...

Obviously the mails are badly reencoded from Exchange 2007 because there are
many issues sending with HELO, so I can't use it. It's necessary to use EHLO,
but how to deliver the encrypted mails?

What can I do/ check next?

Thanks.
Kind regards,
B. Wolf

B. Wolf - 01 Oct 2008 06:57 GMT
A mistake: I mean the mails are badly reencoded by the smarthost (IIS)...

Sanford Whiteman - 01 Oct 2008 17:42 GMT
> A mistake: I mean the mails are bad reencoded by the smarthost (IIS)...

Actually,  you  don't know exactly where the encoding is breaking. You
can  send  some  test  messages  to  the \Drop domain (Local (Default)
domain)  on  the  smarthost to see what they look like before they are
reprocessed for additional transport.

>> What can I do/ check next?

Check to see what encoding is actually being announced during the SMTP
convo. You will need to use a network monitor, not just your logs. For
example, 8BITMIME will look like:

MAIL FROM:<sender@example.com> BODY=8BITMIME

--Sandy

------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
------------------------------------
B. Wolf - 01 Oct 2008 21:12 GMT
Thanks, Sandy. Well, I found the problem!

The mailserver from datev.de didn't advertise binarymime. In the NDR I could
read that the message was coded binary. I deactivated this verb in the
smarthost and now the mail goes through...

The problem with IIS is that instead of reencoding the message, it sends a
NDR...

Sanford Whiteman - 01 Oct 2008 21:59 GMT
> The mailserver from datev.de didn't advertise binarymime. In the NDR
> I  could  read that the message was coded binary. I deactivated this
> verb in the smarthost and now the mail goes through...

Good work!

> The  problem  with IIS is that instead of reencoding the message, it
> sends a NDR...

Not  an  uncommon  problem,  as lossless transport-time conversion of
encrypted  messages is frequently impossible. And not only is Exchange
2007  better at doing true conversions, but if your message originated
within  your  Exchange organization, it started in a transport-neutral
format  anyway  (so  there  is no more "conversion" than there is when
regular msgs are put on the wire to leave Exchange).

--Sandy

------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
------------------------------------
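
The relay decision discussed in this thread, as an added example that is not part of any post: given the BODY= parameter seen on MAIL FROM in a capture and the next hop's EHLO reply, it reports whether the message can go out unchanged, must be reencoded, or ends in the 5.6.1 NDR. The host name, the sample replies and the `can_reencode` flag are assumptions made for illustration.

```python
import re

# Extensions the next hop must advertise to accept each body type unchanged.
# BINARYMIME also needs CHUNKING because binary bodies are sent with BDAT (RFC 3030).
REQUIRED = {
    "7BIT": set(),
    "8BITMIME": {"8BITMIME"},
    "BINARYMIME": {"BINARYMIME", "CHUNKING"},
}

def parse_ehlo(reply):
    """Extension keywords from a multi-line 250 reply; empty set after a plain HELO."""
    lines = [ln for ln in reply.splitlines() if ln.strip()]
    found = set()
    for ln in lines[1:]:  # line 1 is the greeting, not an extension
        m = re.match(r"250[- ]([A-Za-z0-9][A-Za-z0-9-]*)", ln.strip())
        if m:
            found.add(m.group(1).upper())
    return found

def body_type(mail_from):
    """BODY= value of a MAIL FROM command as seen in a capture; 7BIT if absent."""
    m = re.search(r"\bBODY=(7BIT|8BITMIME|BINARYMIME)\b", mail_from, re.I)
    return m.group(1).upper() if m else "7BIT"

def relay_decision(mail_from, next_hop_reply, can_reencode):
    """Return (action, detail) for relaying the message to the next hop."""
    body = body_type(mail_from)
    missing = REQUIRED[body] - parse_ehlo(next_hop_reply)
    if not missing:
        return ("send-as-is", "BODY=" + body)
    if can_reencode:
        return ("reencode", "BODY=7BIT")  # base64 / quoted-printable downgrade
    # Relay cannot convert (e.g. encrypted content): bounce, naming what was missing.
    return ("ndr-5.6.1", ",".join(sorted(missing)))

# Constructed sample replies (hypothetical host, not taken from the thread's logs).
NO_BINARY = "250-mx.example.net\r\n250-SIZE 20480000\r\n250-8BITMIME\r\n250 PIPELINING\r\n"
FULL = "250-mx.example.net\r\n250-8BITMIME\r\n250-BINARYMIME\r\n250 CHUNKING\r\n"

if __name__ == "__main__":
    cmd = "MAIL FROM:<sender@example.com> BODY=BINARYMIME"
    for name, reply in (("no-binary", NO_BINARY), ("full", FULL)):
        print(name, relay_decision(cmd, reply, can_reencode=False))
```
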
 