Problems sending POP3 email on Groupwise 6.5

The MX record has no effect. What matters is the SMTP Server you have defined in the OE configuration.

If that SMTP server is not available from outside the network where it resides (i.e. is on a private network and cannot be directly reached from the Internet), or is available but has been configured to not relay unauthenticated connections from outside the network where it resides (or does not support such authentication); then it will reject OE when OE tries to send E-Mail thru it.

I setup the email in Outlook 2003 and ran a test and it can find the mail server but when it tries to send a test message, it is rejected.  I have looked all over the place.  Where do I need to go to set this up to accept the email?

When you say "it can find the mail server", do you mean the GWIA or the SMTP Relay?

If you mean the SMTP Relay, what is running on that Relay? sendmail? postfix? Qmail?

Note that there are inherent security dangers is opening up a mail relay - any mail relay - to relaying for any host on the Internet. Care must be taken, or you'll end up with an open relay, which spammers love and which will end up with you on black-hole lists, your E-Mail being rejected across the 'Net.

I posted a reply and I see it didn't take.

I understand what you're saying and I'm very familiar with the risks involved with doing this.  The only email server involved is the Groupwise server.  I have setup the account in Outlook 2003.  I put in mail.domain.com for the POP3 and SMTP servers.  When I run the test built in for Outlook 2003, everything comes back fine except it rejects the test email.  

OK, so you need to open up GWIA for relaying.

In ConsoleOne, in the GroupWise view, go to the Domain that host the GWIA and change the object type to Gateways. The GWIA object should appear. Right-click, select Properties. Click the Access Control tab and select the SMTP Relay Settings panel. Select the "Allow message relaying" radio button. Click OK. Either restart the GWIA or wait for it to detect the change and restart itself.

GWIA will now relay any SMTP connection. ANY connection.

If you know the specific IP address(es) or range(s) that you need this to work from, you can leave the "Prevent message relaying" radio button selected, and instead Create Exceptions in the Allow window. Your "From" will be the address(es) or range(s), the "To" will be "*".

So to Allow relaying from 123.123.123.0/24, you would have a "From" value of "123.123.123.*". Your granularity it basically by Address Class, you can't use CIDR notation.

I know how to do that but you're telling me I have to open up the gates to allow me to POP3 into the server?  I can't believe I am the only person that has ever had to POP3 into a Groupwise server and the only way is for me to open it up for everyone to spam off of it.

I still don't think that would work anyway because I setup my account in Outlook 2003 with xyz.com which is the domain of our corporate email system.  I went into the GWIA SMTP Relay Settings and added xyz.com as an exception.  It still didn't work.  

I tried it again this morning.  I added xyz.com to the exceptions list on the GWIA SMTP Relay settings.  That didn't work.  I then added the IP of where I was coming from that showed up on the GWIA to the exceptions list and that didn't.  This doesn't make any sense.  

No, you do NOT have to open up the GWIA for SMTP Relaying in order to use POP3. However, POP3 is a unidirectional protocol. It is designed to allow the client to doanload messages from the server. It is NOT a sending protocol - you cannot use POP3 to xfer *outbound* messages. This is not a failing of GroupWise or GWIA - it is a (probably deliberate) protocol limitation in POP3. If that limit distresses you, well, gotta talk to the people who wrote POP3. Novell just implemented their spec.

For SENDING E-Mail from your client, you need to use the SMTP protocol. And you need an SMTP server that can relay for you, since your client software does not have SMTP relay capability, it just generates an SMTP-compatible message and hands it to a relay server equipped for that task. GWIA, in this case.

If you just want to RECEIVE your E-Mail onto your client (receive ONLY, not send) then you do NOT have to open your GWIA for SMTP relay. Only if you want to SEND from your client do you have to do that.

Instead of "xyz.com", you should use the IP address range(s) of your corporate network. If your company has a Class C of public IP addresses (lucky you), then put in 123.123.123.* (or whatever the proper octets are instead of "123.123.123". Putting a Domain Name only works if it can be resolved for the client attempting to connect.

Note that the IP address(es) you provide to the GWIA in the Exceptions list must be able to reach the GWIA. You stated that these connections failed - what error messages showed up on the GWIA. As long as you have the GWIA in either Verbose or Diagnostic Logging mode, you should see the connection attempts from the client and any error messages. What *exactly* is the GWIA seeing and why *exactly* is it rejecting the connection (if it is indeed seeing it)? Use the logging capabilities at your disposal - resolving this will go a lot faster. If the connection never reaches the GWIA, then that's a communications problem and its not the GWIA's fault, is it? If the connection does reach the GWIA and it rejects it, you need to know WHY it rejects it to determine where the problem is.

I promise you that I am not trying to be difficult but I don't think we are on the same page.  

I can send to anyone outside the network but cannot send to anyone inside the network.  Isn't SMTP relaying in the same fashion whether I send inside or outside the network?  

When I try to send an email to someone inside, everything looks fine on the GWIA.  It accepts the connection.  

" Isn't SMTP relaying in the same fashion whether I send inside or outside the network?"

Maybe. Maybe not. If you have a firewall, it may not be permitting the connection thru.

If GWIA has not been configured to permit relaying for hosts outside of your network, then it will act differently for hosts outside your network.

What do you see in the GWIA log when you try to relay from OUTSIDE your network? If nothing shows up, then the traffic is not reaching your GWIA, and you have a network  issue (firewall config, routing/port forwarding config, whatever). If the GWIA sees the connection from the outside but rejects it, the error message will tell us WHY. We can then address the GWIA configuration issue resulting in the rejection. Be sure to use either VERBOSE or DIAGNOSTIC logging on the GWIA.

And be sure you're logging to a file and not just the screen so you can go back and excerpt the relevant portions of the log.

I tried Verbose mode and it didn't give me any different information.  

Here is the information from the log in Diagnostic Mode:

Accepted connection with: <IP Address>
POP3 command: USER Administrator
POP3 command: PASS
POP3 command: STAT
POP3 command: LIST

{GWEACCT: GweAcctSpoolFunc
}GWEACCT: GweAcctSpoolFunc
OK

POP3 command: UIDL 1
POP3 command: UIDL
POP3 command: QUIT

{GWEACCT: GweAddAcctDestFromParms
}GWEACCT: GweAddAcctDestFromParms
OK

POP3 session ended: <IP Address>

Hmmm....looks fairly benign. You connected as "Administrator", and it accepted your password. You got a mailbox status and downloaded a headers list.

Am I missing something?

Not that I can see.  I can connect fine as the Administrator, download mail from the Administrator's account, send an email from the Administrator's account to anyone not on the same network but the mail will not send to any recipient on the same network.  

Ah! OK. That log snippet just showed the POP3 session. What about the SMTP session? What shows in the log when you try to send to someone on the same network?

That's all it showed when I tried sending an email to someone on the same network.  

I tried it again and I don't see any SMTP commands when I send a message to someone on the inside.  

I also just sent myself a test message to my outside email address and I got it but I still didn't see any SMTP commands on the GWIA.

" I got it but I still didn't see any SMTP commands on the GWIA."

Hmmm....well, I dunno what to say. Your Logging Level was Diagnostic, right? Is this the only GWIA in the GroupWise system?

Yes.  We only have 1 GWIA.  The logging was set to Diagnostic.    

I allowed message relaying on the GWIA just to open it up wide and it still did not work.  I guess that rules out a message relaying problem, doesn't it?

Yeah.

Frankly, I don't think the traffic is reaching the GWIA. I don't know how/why, but I don't think the GWIA is seeing it.

Do you have multiple accounts defined on Outlook? Do these accounts have differing configurations with regard to outgoing SMTP server?

I tend to agree with you.  I am going to setup a new SMTP service on the firewall and open up incoming and outgoing with no restrictions.  I looked through the logs on the firewall to see if the traffic was being denied but didn't see anything.  

I have only been testing with 1 account.  I set it up the normal way.  I put in the POP3 and SMTP server names which are both the same.  I set it to keep a copy of the message on the server.  I do not select the option that says My Outgoing Server requires authentication but I have selected it and it still didn't work.  

I am stil confused as to why I can send mail to the outside but can't to anyone on the same domain.  If I can send to the outside, wouldn't it be sending the mail out over the mail server and wouldn't the traffic be getting to the server.  

I opened up SMTP completely on the firewall and it still didn't work.  

jayknight,

Thanks for the points, but if I didn't answer your Question, I woulda preferred that you had a Moderator delete it and refund your points rather than giving me a grade of C.