Solved

Pop3 not working in Groupwise 6.5

Posted on 2004-08-27
20
1,176 Views
Last Modified: 2012-05-05
I have a Groupwise 6.5 server.  I have enabled POP3 on the GWIA and
restarted the GWIA.  I have done everything that I can possibly think of
to get this to work.  I have checked the classes, post office links,
checked the restrictions under Access Control and POP3 is enabled globally
for all users, tried Outlook and Outlook Express as the client, tried
several different usernames and passwords that have 5 characters or more,
created a nickname for the user and also created a Gateway alias.  I am
trying to POP3 into my account on the local Lan.  DNS is setup correctly
internally.  

I thought that maybe the Firewall was blocking POP3 traffic but that
shouldn't matter if I am trying it on the local Lan.

When I try to POP3 into an account, I can see it come across the GWIA and
try to authenticate but it won't accept the username and password.  That
is the error that I received on both the GWIA and client.  

I telneted into port 110 on the GWIA and here are the results:

*Ok Groupwise Pop3 server ready
user "username"
+ok
pass "password"
- ERR Login Failed

Our passwords have both letters and numbers in them and all are over 5 characters.  

Please help!

Thanks,
Jay

0
Comment
Question by:jayknight
  • 11
  • 9
20 Comments
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
1) Have you considered enabling POP3 on the POA instead? That way the GWIA doesn't need to fetch the user's mailbox contents? Don't forget to turn it off at the GWIA (and restart the GWIA) before you turn it on at the POA.

2) Yes, if both your POP3 client and the server are on the local LAN, the firewall should not be involved. Unless the "firewall" is a BorderManager running on the same machine as the GWIA.

3) Does the GroupWise mailbox for the user account have a password? When you talk about "the password", you're not clear on WHICH password you mean. GroupWise maintains and uses a separate password from the user account's eDirectory password (this design allows GroupWise to function in non-NetWare, non-eDirectory environments). This password must be set in order to access the account via POP3 (or IMAP4, for that matter). You can set this password using the GroupWise client, or ConsoleOne.

4) You are aware that POP3 is less-secure than IMAP4? Not that either of them is a paragon of security. Of course, you're using Outlook, so security probably isn't a concern anyway. Watch out for the next Phatbot.

5) Have you considered using the GroupWise Plug-In for Outlook to enable better integration?
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
BTW, you may have noted that GroupWise does not have its own TA under the E-Mail heading. If you'd like to help change this, then a nice (free) message in the New Topics request area would be helpful. http://www.experts-exchange.com/Community_Support/New_Topics/
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
I enabled it on the GWIA because the users will be using wireless devices such as Palm to POP3 into their account.  I don't think it will work if I enable it on the POA.  Will it?

The accounts I am testing have passwords set on their Groupwise accounts and I am using that password and not their Novell password.  
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
POP3 is POP3. The POA and GWIA implement the same functionality, just the POA has the data at hand. The GWIA has to build a mailbox get request, send it to the POA, and wait for the POA to build the information and ship it back thru the MTA to the GWIA. The POA just serves the POP3 request directly.

The main reason that the GWIA retains the POP3 and IMAP4 capabilities is that many organizations run a GWIA on a separate server in a DMZ. That way they don't have to open their POA server (which may host other things) to the Internet. More secure. But you seem to have everything on one box.

Intellisync (http://www.intellisync.com/) makes Palm-specific GroupWise synchronization products. Have you considered that as an alternative?

Do the Palms not support IMAP4?
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
As for the password issue, there are very few limits on GroupWise passwords. The fact that they are a mix of numbers and letters should not be an issue. I would, of course, check the obvious: is the CAPS LOCK set, that sort of thing.
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
You might also try clearing and resetting the GroupWise password.
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
I don't see any option to enable POP3 on the POA, only IMAP.  How do I enable it?

I'm sure whether the Palm supports IMAP4 or not.  I'm just trying to get POP3 working for now.
0
 
LVL 34

Accepted Solution

by:
PsiCop earned 300 total points
Comment Utility
In the immortal words of Homer Simpson: D'oh!

You're right - I had it backwards. The POA doesn't support POP, POP is only supported via the GWIA. Sorry, my bad.

I'd done IMAP support on a POA before, I forgot (till your latest comment prompted me to check again) that the POA doesn't support POP.

OK, so, let's try clearing the GroupWise account password and setting a new one. Do that as two separate operations and be sure to give the change a few minutes to propogate to the Agents. Are your agents all in one big GroupWise Domain?
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
I have tried clearing the passwords and assigning a new password.  That didn't work.  

I have disabled POP3 on the GWIA, restarted the GWIA and have now enabled IMAP on the poa.  I'm not sure if it is working.  Is there a way to test it through telnet like I did with POP3 or do I just need to send a message to myself and see what happens?
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
Also, I forgot to answer your other question.  Everything is in 1 Groupwise domain.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
No, can't test IMAP thru telnet, because the initial session negotiation is encrypted (which is why its more secure than POP - you don't have passwords in the clear).

You can test it using any IMAP client, such as Netscape, Thunderbird or (*shudder*) Look Out!
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
I think it's working.  I tried resetting a users password instead of the Administrators account and it connected and downloaded messages fine.  I know it's working on the Lan.  I will get with one of the users with a Palm device and see if they can test it out.  
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
I tried it from the outside and it isn't working.  We have a Firebox here and I have enabled POP3 but it still isn't working.  Maybe I need to reboot the Firewall.  
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
Yep, it it works on the LAN but not from outside, its a firewall issue.
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
I have setup Outlook Express on a computer outside the network.  I can receive mail and send to anyone outside the network but cannot send to anyone inside the network.  I have checked everything and can't find any answer.  Why do you think I can send outside but can't send to a recipient inside?
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
OK, let me understand this. You are outside of your network, using Look Out! You can establish a POP3 connection to the GWIA and download your E-Mail. You can send E-Mail, but only to addresses that are not delivered by the GWIA (that is, if the GWIA hosts Internet E-mail for xyzcompany.com, you can send to user1@aol.com, and user2@yahoo.com and user3@earthlink.net; but you can't send to user4@xyzcompany.com, right?)

Question: What is the SMTP Server in the Account configuration of Look Out! ? That is, what SMTP server is it configured to use?

Question: Does the GWIA permit unauthenticated SMTP relaying?

Question: Is a VPN involved here, or are you going straight across the Internet?

0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
The product is Outlook Express.

1.) It is using the same SMTP server mail.domain.com, as the GWIA is configured to use.  

2.) I'm not sure what you mean.  I have went into Access Control under the GWIA and under SMTP Relay Settings, "Prevent Message Relaying" is selected.  I didn't think it was trying to relay but I added my domain to the Exceptions list.  It still did not work.  

3.) I am going straight across the Internet.
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
Look Out! Express. OK :-)

1) OK, so you are not using the GWIA as your SMTP relay for your OE client.

2) Yes, because the settings are not affecting the problem - you're not using the GWIA as an SMTP relay for OE.

3) I suspect that the SMTP server at mail.domain.com is not configured to allow any ol' SMTP client on the 'Net to relay. If it were, spammers would be all over it like white on rice. You need to be able to either have an authenticated connection (if the SMTP server at mail.domain.com supports such things) or you need to VPN into the network and then come to the mail server at mail.domain.com as an "inside" client (instead of from the outside) so it is comfortable relaying for you.

Just FYI, you've gone beyond the scope of the original Question.
0
 
LVL 1

Author Comment

by:jayknight
Comment Utility
Ok, I will post a new question and close this one since it is working for the most part.  
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
Thanks!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

In this article we will discuss some EI Capitan Mail app issues and provide some manual process to resolve them.
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now