CFMail Authentication in ColdFusion 5
I am trying to fix a legacy application built on ColdFusion 5. We recently migrated to IMail 11.01 and we have found that the application can no longer send mail. I figured out that it is because our old mailserver did not require authentication on SMTP. We now do require authentication. Is there a way in the CFMail tag to provide the username and password to authenticate against or setup IMail to allow that one domain to send mail out?
ASKER
That won't work. Username and Password weren't added into CF until CF MX (6).
Yes, you are correct - apologies for that.. For your server entry, try the following:
user:password@mail.company
user:password@mail.company
ASKER
@ajarvey - I am not sure what you mean. Can you include a snippet for context?
server = "mail.mydomain.com"
change to
server = "Username:Password@mail.my
Username = the email account's username
Password = the email account's password
both seperated by a colon. YOu might have a problem with that, because of Imail using the full email address as the account name. CF might freak out with having multiple @ symbols.
If you can't get this to work, what I would recommend you do is change your email server configuration to allow relaying from the IP address of the application server where this is hosted.
change to
server = "Username:Password@mail.my
Username = the email account's username
Password = the email account's password
both seperated by a colon. YOu might have a problem with that, because of Imail using the full email address as the account name. CF might freak out with having multiple @ symbols.
If you can't get this to work, what I would recommend you do is change your email server configuration to allow relaying from the IP address of the application server where this is hosted.
ASKER
Okay I will attempt that. Now if I wanted to add the application to the server list of accepted domains what would I put in. The application has a public domain (ex. www.domain.com), but the app connects to the mailserver through a LAN IP (192.168.200.***). Would I add the application servers LAN IP to the accepted domains list of the public URL?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay so I got my server to allow me to send mail to addresses on the mailserver but it won't let me send mail out to other addresses.
For example server has mail domain domain1.com and domain2.com. I can send to any email that is *@domain1.com and *@domain2.com but I can't send to *@domain3.com.
When I do it with Telnet to my company mail which does not reside on our iMail server I get the following error:
550 not local host cagedata.com, not a gateway
For example server has mail domain domain1.com and domain2.com. I can send to any email that is *@domain1.com and *@domain2.com but I can't send to *@domain3.com.
When I do it with Telnet to my company mail which does not reside on our iMail server I get the following error:
550 not local host cagedata.com, not a gateway
You're only allowing relay to local domains, through Imail.. What did you configure in Imail to get you to where you're at now? More specifically, what relay settings did you put in place?
ASKER
Current SMTP Settings:
General Options
Relay for: Addresses
Addresses:
192.168.101.1 255.255.255.0
192.168.200.1 255.255.255.0
Security Options
[x] Allow Remote Mail to Local Groups
[ ] Check Valid Sender
[x] Auto Deny Possible Hack Attempts
[x] Disable SMTP "VRFY" Command
[ ] Require CRAM-MD5 Authentication
Advanced SMTP Options
[ ] Enable Extra Port
[ ] Disable SMTP AUTH
[ ] Enable SMTP to Listen on All IPs
General Options
Relay for: Addresses
Addresses:
192.168.101.1 255.255.255.0
192.168.200.1 255.255.255.0
Security Options
[x] Allow Remote Mail to Local Groups
[ ] Check Valid Sender
[x] Auto Deny Possible Hack Attempts
[x] Disable SMTP "VRFY" Command
[ ] Require CRAM-MD5 Authentication
Advanced SMTP Options
[ ] Enable Extra Port
[ ] Disable SMTP AUTH
[ ] Enable SMTP to Listen on All IPs
Can you take a look in your Imail SMTP logs, after trying to relay one of these messages, and see what IP address the request is actually coming from? It's possible that your web server is communicating to your Imail server from a different IP address than you think it should be.
If all applications are running on the same box (Web/CF, Imail, etc), try adding 127.0.0.1 to the allowed relay address list.
If all applications are running on the same box (Web/CF, Imail, etc), try adding 127.0.0.1 to the allowed relay address list.
ASKER
According to the logs the mail is coming from the 192.168.200 address that I thought it was. I do however see the following error:
[192.168.200.***] ERR *****.net invalid user TO:*****@cagedata.com
Starred out part of IP: Web Server IP Address
Starred out domain name: Mail Server primary domain
Starred out email address: My company email address (on another mail server)
[192.168.200.***] ERR *****.net invalid user TO:*****@cagedata.com
Starred out part of IP: Web Server IP Address
Starred out domain name: Mail Server primary domain
Starred out email address: My company email address (on another mail server)
Are you specifying a valid FROM address in your CF code, where that FROM address is an email address hosted locally in Imail?
ASKER
I don't want to send it locally within imail. The form is a forgot password form so it needs to be able to send out to anyone else in the world regardless of mailserver hosting.
Right, but when you send a message out it has a FROM address, as the sender. Is this FROM address being specified hosted locally in Imail? So for example, you're sending out your forgot password email from FORGOTPWD@MYDOMAIN.COM. Do you have a mailbox setup in Imail for FORGOTPWD@MYDOMAIN.COM?
ASKER
Yes I do. As I said I can send mail from the address to another address on the IMail server just fine. I just can't send mail from the same address to another address outside of the server.
Just so I know we're talking about the same thing - If you go to reply to one of your forgotten password emails, where does that reply go to?
The reason why I'm asking is because Imail will require a valid sender for these mails to go external, regardless of the allow relay for address setting (where you allowed the IP address). If the email address that you use for replies is not a valid mailbox/alias in Imail, the messages will not relay outside.
That may be why you are able to relay to internal users, but not to external users.
The reason why I'm asking is because Imail will require a valid sender for these mails to go external, regardless of the allow relay for address setting (where you allowed the IP address). If the email address that you use for replies is not a valid mailbox/alias in Imail, the messages will not relay outside.
That may be why you are able to relay to internal users, but not to external users.
ASKER
When I respond back it goes to the proper email address.
It seems like we have a disconnect somewhere between us. As of now, the best I can do for you is to point you to the KB article on IPSwitch's website regarding relaying: http://kb.imailserver.com/cgi-bin/imail.cfg/php/enduser/std_adp.php?p_faqid=35&p_created=1218036877
Make note of the following:
Relay for Local Users Only
IMail checks the FROM address of incoming mail during the incoming SMTP session and determines that it contains a valid email address of a local IMail user account. It does not check user aliases or lists. If the User ID is not valid or does not match the correct domain on which the user exists, the server does not relay mail.
You can use the accept.txt file in conjunction with these options to name remote hosts and users that you want the IMail Server to accept as "local" hosts and users. Again, while this is more secure than 'Relay for local hosts only', the FROM address on an incoming email can easily be forged and this setting should not be used if the IMail server is exposed to the internet.
Make note of the following:
Relay for Local Users Only
IMail checks the FROM address of incoming mail during the incoming SMTP session and determines that it contains a valid email address of a local IMail user account. It does not check user aliases or lists. If the User ID is not valid or does not match the correct domain on which the user exists, the server does not relay mail.
You can use the accept.txt file in conjunction with these options to name remote hosts and users that you want the IMail Server to accept as "local" hosts and users. Again, while this is more secure than 'Relay for local hosts only', the FROM address on an incoming email can easily be forged and this setting should not be used if the IMail server is exposed to the internet.
ASKER
Well as of right now I can send mail from a user on the imail server to another user on the imail server using my coldfusion application on another server. When I attempt to send an email to a user not on the imail server (but still a proper user email on another server) I get the errors that I have posted above.
Thank you for your help ajarvey. I will continue my search.
Thank you for your help ajarvey. I will continue my search.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I figured out why I couldn't get it to work with 5 minutes of being on the phone with iMail. I did everything right to allow mail relay from my coldfusion server, but I wasn't restarting my SMTP services to reload the config.
ASKER
Solutions were great. I just forgot to restart the SMTP services.
Aww.yes. Make sure to restart the Queue Manager Service Too - Never a bad Idea.
ASKER
Yes did that. Everything works great now with multiple tests. Thank you TravisT and a big thank you to ajarvey for helping me out for the past day and a half.
Anytime, Paldie..
to = "anyone@anywhere.com"
from = "you@yourdomain.com"
subject = "This is the subject"
username = "you@yourdomain.com"
password = "password"
server = "mail.mydomain.com"