Mail Server Help
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me

The Shed is going Social! Join us on FaceBook and Twitter and chime in on the conversation.

Go Back   Dev Shed ForumsSystem AdministrationMail Server Help
Reload this Page

Exchange 2010 / Openssl AUTH LOGIN not working


Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old July 11th, 2011, 03:40 PM
liam1027 liam1027 is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Mar 2011
Posts: 2 liam1027 User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 50 m 39 sec
Reputation Power: 0
Exchange 2010 / Openssl AUTH LOGIN not working
Hello,

We recently upgraded our mail server from Exchange 2003 to 2010. There's an external web server which sends secure email from our website to Exchange. This is no longer working correctly and we can not decommission the 2003 server until the problem is resolved.

From the web server, I've simplified the equation by simply binding with OpenSSL and trying to issue SMTP commands manually. I have no problem establishing the TLS connection. I can issue an EHLO then AUTH LOGIN. I pass the encoded credentials and Exchange replies "DONE" then my connection drops.

I've never seen this before. I've only ever seen authentication successful or unsuccessful. What does "DONE" mean and why does my connection immediately terminate?

If it helps at all, here's the conversation:

Code:
250 CHUNKING
ehlo
250-server.domain.tld Hello [nnn.nnn.nnn.nnn]
250-SIZE 10485760
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH LOGIN
250-8BITMIME
250-BINARYMIME
250 CHUNKING
auth login
334 VXNlcm5hbWU6
BASE64 encoded account
334 UGFzc3dvcmQ6
BASE64 encoded password
DONE
acct@server[/]#

Any assistance would be greatly appreciated. Thanks in advance.

[EDIT]
I performed the same command sequence in a Telnet session and was able to bind as the user. Obviously, this is not a solution as the email is not secured via TLS; however, it makes me think that something's wrong with OpenSSL or the certificate / settings in Exchange 2010.

Here's the handshake from the OpenSSL connection:
Code:
acct@server [~]# openssl s_client -starttls smtp -crlf -connect host.domain.tld:nnn                                              org:446
CONNECTED(00000003)
---
Certificate chain
omitted
---
Server certificate
-----BEGIN CERTIFICATE-----
omitted
-----END CERTIFICATE-----
omitted
---
omitted
---
SSL handshake has read 4974 bytes and written 494 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES128-SHA
    Session-ID: omitted
    Session-ID-ctx:
    Master-Key: omitted
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1310418709
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
250 CHUNKING

There must be something simple that I'm overlooking.
Reply With Quote
Reply

Viewing: Dev Shed ForumsSystem AdministrationMail Server Help > Exchange 2010 / Openssl AUTH LOGIN not working

« Previous Thread | Next Thread »

Developer Shed Advertisers and Affiliates



Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.

© 2003-2013 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap