• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 899
  • Last Modified:

GWIA responds "501 command syntax error" on inbound mail. Outbound mail works.

The first paragraph below is an excerpt from a post at http://forums.novell.com/novell-product-support-forums/groupwise/groupwise-7x/gw7-gwia/104590-gwia-501-syntax-errors.html.

** Excerpt start **
"GWIA is having troubles receiving email from the internet. I can telnet to
port 25 from an outside host. when testing, after i do "rcpt to:<email
address>" 501 command syntax error appears. outgoing mail works fine. i
have changed the /hn- switch to valid public "A" record. when sending from
an outside email account an undeliverable message comes to account stating
"There was a SMTP communication problem with the recipient's email server.
Please contact your system administrator. <mail.mailserver.com #5.5.0
smtp;501 Command syntax error>
** Excerpt end **

I started getting this exact same error on a NetWare/OES 6.5 Small Business Server today. I had to rebuild it from scratch due to hardware failure last week so everything is current. By that I mean NW 6.5 (NetWare kernel) w/SP7 and post SP7 updates, GroupWise 7.0.3 PLUS newly released Hot Patch 1 and Border Manager 3.8 w/SP5.

Internet email worked okay (a few quirks noted in GW 7.0.3 HP1 readme) until I went about getting BM to allow SMTP traffic through it from a PC with a custom app needing to comm with an external SMTP server and NOT GWIA. Using the default BM filter exceptions did not allow SMTP traffic through. GWIA could send and receive email, but pass through would not work. I tweaked and tweaked the BM filters to no avail. It was at this point that I discovered that GW 7.0.3 HP1 was released last week.

This morning internet email appeared to be working okay. I went ahead and installed HP1 for GW 7.0.3 in response to the quirky issues seen.

Next I resumed tweaking the BM filter exceptions until I got SMTP to pass through. I had to enable NAT (dynamic only) on the public interface, set nat dynamic mode to pass thru = on, and change the default stateful SMTP filter exceptions from specifying the public IP as the destination host on outgoing and the source host on incoming. I changed the destination for outgoing to any and the source for incoming to any. With these changes in place SMTP traffic from the PC with the custom app needing to comm with an external SMTP server worked.

At this point outbound email would go out through GWIA. Some time later someone from the outside reported that they were getting their mail bounced back. Upon testing from the outside, manually by using telnet on port 25, I found the exact same symptom reported in the original post above...after i do "rcpt to:<email
address>" 501 command syntax error appears.

In response I've done the obvious things. Which was to back out/undo everything I put in place for the SMTP traffic to pass through BM. Meaning I put the stateful SMTP filter exceptions back as they were and I disabled NAT. No change getting the 501 error.

After much research and tweaking I decided to back rev GWIA to 7.0.3 without HP1. I even deleted the eDir GWIA object and allowed the install to create a new one. No change. Since that didn't resolve the issue I deleted the newly created eDir GWIA object and then installed the 7.0.3 HP1 GWIA again and let that install create a new eDir GWIA object. No change.

Rebooted. No change.

So, here I am with a server that simply had some quirky/known 7.0.3 GWIA issues but now will not accept incoming email at all. Sorry so long folks. I wanted to provide the "whole" story up front. Any help would be most appreciated.
  • 2
1 Solution
While I probably missed this in your typing (and I'm assuming the answer is yes) - I'm hoping I'm wrong with my assumption...

So are you actually running GW and BM on the same box?  Do you have 2 NICs in this server (I would assume so) since/if you are running BM?

I probably missed this too, but have you tried telnetting directly to GroupWise Internally and not Externally?

I'm no pro with BM at all, so I probably won't be much for help, but I figured I'd post anyway.

I would have also thought you would do a static NAT and not a Dynamic NAT for SMTP traffic or communications, allowing "any" from the outside world and not simply the "source host" on incoming.
Can you recieve email with the ipflt unloaded? If so, you have a BM filter issue.  You may need to look at your smtp filter.  

Also, set your NAT back to Static and Dynamic.
evaughn44319Author Commented:
Sorry for the extreme delay here folks.  I was back on-site working on this issue at 8:30 a.m. on 6/24 and then sprinting to keep up elsewhere ever since.

To answer questions from Ghost96:

- Yes, GW and BM are running on the same NetWare 6.5 Small Business Suite server with 2 NICs.
- I could connect to the GWIA via telnet on port 25 from the LAN and enter a test email message without getting the 501 Command Syntax error, but there was not evidence of the connection on the GWIA realtime screen or in the GWIA log.  The test message never got delivered either.
- I think the dynamic NAT or not using static NAT works on the SBS server because GWIA is listening for SMTP traffic on at least the public interface.  So there really is no need to NAT the traffic inside to a private LAN IP.

To answer the questions from ChrisLemoine:

- The 501 Command Syntax error persisted when testing from the outside with ipflt and filtsrv unloaded.

The solution:

I had both http/web proxy and transparent proxy enabled during testing after the rebuild.  I wanted to just use transparent proxy, but found issues access https/SSL pages.  When I forced the browser to use the proxy service on port 8080 the https/SSL pages worked fine.

I had to turn off/disable both the http/web proxy and the transparent proxy to resolve the 501 Command Syntax Error.  Once I did this GWIA would accept inbound mail without issue.

Proxy, proxy, proxy.  Who needs Proxy in an SBS environment which includes a full blown firewall (Border Manager) any way?  If you're not using the logging/reporting BM proxy offers and not making use of any third party filtering solutions (SurfControl and the like) that work in conjuction with proxy why use it?  To save bandwidth?  Not in an SBS environment and not in 2008 if you ask me.

Thanks to Ghost96 and ChrisLemoine for their responses.
Well glad you got it all sorted out.  Thanks for posting back with us to provide the solution :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now