Question

I have configured my Twiki install to use authenticated SMTP, using /bin/configure, however, when registering a new user, after hitting "Submit" on the registration page, I get: "Internal error when sending email".

With SMTP debugging turned on in the configuration, the apache log reports: Sender address rejected: Access denied

However there is no evidence that it attempted to authenticate to the SMTP, and authenticating to the SMTP server using the same username and password via telnet (and the PLAIN AUTH smtp command) works fine.

More details below.

I am using an external email host who requires authentication to use the SMTP server, my username is my full email address with the service, including the '@' sign. Configuring Twiki using /bin/configure (see the attached configuration, with password removed) throws the error above whenever trying to register.

I then switched to an SMTP server that does not require authentication just to test, changing nothing else about my install or configuration, and immediately can send email (and register).

The output of the Apache2 log file (with the line headers removed, just the smtp stuff - again with SMTP debug turned on) looks like:

<<< 220 relay5.relay.iad.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids use of this system for unsolicited bulk electronic mail (Spam) 
>>> EHLO localhost.localdomain\r
<<< 250-relay5.relay.iad.emailsrvr.com 
<<< 250-PIPELINING 
<<< 250-SIZE 75000000 
<<< 250-ETRN 
<<< 250-STARTTLS 
<<< 250-AUTH PLAIN LOGIN 
<<< 250-AUTH=PLAIN LOGIN 
<<< 250-ENHANCEDSTATUSCODES 
<<< 250 8BITMIME 
>>> MAIL FROM:<me@danpisarski.com>\r
<<< 250 2.1.0 Ok 
>>> RCPT TO:<danp@libraryvideo.com>\r
<<< 554 5.7.1 <me@danpisarski.com>: Sender address rejected: Access denied 
>>> RCPT TO:<me@danpisarski.com>\r
<<< 554 5.7.1 <me@danpisarski.com>: Sender address rejected: Access denied

To verify that I could authenticate agains the SMTP server, I followed the instructions here http://qmail.jms1.net/test-auth.shtml of how to do it from telnet, and from the same Kubuntu install tried it with the following successfull results:

Trying 207.97.245.100...
Connected to smtp.emailsrvr.com.
Escape character is '^]'.
220 relay1.r1.iad.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids use of this system for unsolicited bulk electronic mail (Spam)
EHLO localhost.localdomain
250-relay1.r1.iad.emailsrvr.com
250-PIPELINING
250-SIZE 75000000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250 8BITMIME
AUTH PLAIN AG1l...=
235 2.0.0 Authentication successful
MAIL FROM:<me@danpisarski.com>
250 2.1.0 Ok
RCPT TO:<danp@libraryvideo.com>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
testing direct send


.
250 2.0.0 Ok: queued as 3235F458843
quit

From the Twiki/Apache log, I don't see Twiki trying the AUTH PLAIN smtp command to pass my authentication information. Does Twiki not support this?

Environment

-- DanPisarski - 31 Jul 2007

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

If I was you I'd write a minimal perl program that uses SMTP to send mail, and use that to open a conversation with the developers of your mail server.

-- CrawfordCurrie - 01 Aug 2007

I am not sure I am following you here and just want to understand - I am able to authenticate against the server using every email client I have tried (thunderbird, for example), as well as from a basic SMTP prompt (as outlined above). So why would I open a conversation with the providers of my mail server? The SMTP server seems to work just fine from everything but Twiki.

-- DanPisarski - 01 Aug 2007

I was able to resolve this issue myself, using exim4 as an mta, since exim4 had no trouble at all logging into the same SMTP server using the same username and password.

This, on Kubuntu, the steps to resolve this issue are as follows:

1. Install exim4 and exim4-config from the package manager.
2. Configure exim4 from the console using sudo dpkg-reconfigure exim4-config
3. You can select "mail sent by smarthost; no local mail" as the mail server configuration for exim4
4. once prompted, enter the smtp url, as an example per my information above this was smtp.emailsrvr.com. You do not need to try and append any username or password data here.
5. Complete the rest of the exim4 configuration with values appropriate to your configuration.
6. Once done, exim4 restarts and your /etc/exim4/update-exim4.conf.conf file has the right configuration (again, this is the location for a default install on Kubuntu 7, yours might be elsewhere).
7. next, edit /etc/exim4/passwd.client to add the authentication information. The file shows you the format to follow, it is just host, username and password separated by colons.
8. make sure exim4 picks up that setting change by running sudo update-exim4.conf.
9. In my case, the smtp server will only send email that is sent from me@danpisarski.com, but that is how Twiki is configured to send emails since I set me@danpisarski.com as the wikiwebmaster email address.
10. Now you can set Twiki to use localhost as the smtp server and clear out the username and password, for instance in /twiki/bin/configure.

Exim4 should now log in to your authentication-required SMTP server and Twiki does not need to manage any authentication so it should be fine.

-- DanPisarski - 01 Aug 2007

Dan was blogging this experience at http://www.danpisarski.com/2007/08/10/getting-twiki-to-work-with-an-authentication-required-smtp-server/

-- PeterThoeny - 10 Aug 2007