Search found 210 matches

by mikedibella
2019-08-15 17:17
Forum: General discussions
Topic: can send, cannot receive email
Replies: 17
Views: 2212

Re: can send, cannot receive email

You have an MX record for 931mev.com that resolves to mail.931mev.com, but you do not have an A record for mail.931mev.com that resolves to an IP address.
by mikedibella
2019-08-14 20:34
Forum: General discussions
Topic: Help, Sending Mail
Replies: 25
Views: 3108

Re: Help, Sending Mail

Breakdown of the response: Server: localhost Address: ::1 This machine is hosting a DNS server, and it's DNS client is configured to use the local DNS server to resolve queries. Non-authoritative answer: A remote DNS server other than the server that is the authority for the zone queried (hotmail.co...
by mikedibella
2019-08-14 16:55
Forum: General discussions
Topic: Help, Sending Mail
Replies: 25
Views: 3108

Re: Help, Sending Mail

Your nslookup command syntax is wrong.

At the command prompt, type:

Code: Select all

nslookup -type=mx hotmail.com
Post the result.
by mikedibella
2019-08-14 01:43
Forum: Off-topic discussions
Topic: Forum subscription emails
Replies: 28
Views: 9112

Re: Forum subscription emails

What was your new empty user account - mdibella? I guess I can just delete that one, and then you can change account name and email address in your settings?
@martin: you can delete the mdibella account now. The email address is now changed on my working account.
by mikedibella
2019-08-11 21:10
Forum: Off-topic discussions
Topic: Forum subscription emails
Replies: 28
Views: 9112

Re: Forum subscription emails

Great. I was able to finally activate the original forum account I created with my vanity email. But I'd like to keep the rank and post counts associated with this account. When I try to change the email address for this account to my vanity email the forum complains "The entered email address is al...
by mikedibella
2019-08-11 03:53
Forum: Off-topic discussions
Topic: Forum subscription emails
Replies: 28
Views: 9112

Re: Forum subscription emails

Well we could start by looking at a successfully received activation email to see where bounces would likely go. From there maybe martin could chime in on whether there is a mailbox to receive them.
by mikedibella
2019-08-10 17:50
Forum: Off-topic discussions
Topic: Forum subscription emails
Replies: 28
Views: 9112

Re: Forum subscription emails

I was never able to register with my vanity domain dibella(dot)net and had to use a webmail provider for the forum reg...maybe the issues are related.
by mikedibella
2019-08-07 23:06
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

Some anti-virus software may block email over secure connections becuase these emails are harder to scan. So it is conceivable that such an implementation might replace the STARTTLS keywork in the ELHO with something else, like the XXXXXXXA you are seeing. Also could be this bug: https://www.cisco.c...
by mikedibella
2019-08-07 22:47
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

I think you really need to focus on the discrepancy between what hMailServer is seeing as the EHLO response verses what mxtoolbox.com is reporting. If you issue a telnet command from the hMailServer host to the remote host esa-omf-101.exeloncorp.com on port 25, and issue the EHLO verb, do you see ST...
by mikedibella
2019-08-06 04:24
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

I wonder if the remote server has been configured to require secure connections, but a certificate has not been properly configured or has expired and the server was restarted, resulting in a mismatch between the ELHO verb response and the MAIL verb response.
by mikedibella
2019-08-03 00:41
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

220 esa-omf-101.exeloncorp.com ESMTP EHLO xxx 250-esa-omf-101.exeloncorp.com 250-8BITMIME 250-SIZE 20971520 250 STARTTLS This is what I get when I query that SMTP host. I'm not sure why STARTTLS isn't showing in the logging you provided. Unless hMailServer sees STARTTLS in the EHLO response, it won...
by mikedibella
2019-08-03 00:08
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

"SMTPC" 22332 10 "2019-08-02 15:28:33.862" "216.99.189.20" "RECEIVED: 250-esa-omf-101.exeloncorp.com[nl]250-8BITMIME[nl]250-SIZE 41943040[nl]250 XXXXXXXA" The remote server is not RFC compliant. This is not advertising that it supports STARTTLS in response to the EHLO verb, so hMailServer thinks it...
by mikedibella
2019-08-02 20:56
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

Send a larger portion of the log. It seems like the remote server is expending authentication.
by mikedibella
2019-08-02 20:03
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

Hypothesis: STARTTLS is failing the certification validation.

Try disabling Settings > Advanced > SSL/TLS > Verify remote server SSL/TLS certificate.
by mikedibella
2019-08-02 18:18
Forum: General discussions
Topic: Using STARTTLS for message delivery
Replies: 23
Views: 3628

Re: Using STARTTLS for message delivery

You don't need a certificate for outbound TLS. Under Settings > Protocols > SMTP > Advanced , check Use STARTTLS if Available. Under Settings > Protocols > SMTP > Delivery of email , if you are using a Relayer, set Connection security to STARTTLS (Optional) if the port is not encrypted (25 or 587). ...
by mikedibella
2019-06-05 19:58
Forum: General discussions
Topic: HMAIL to Office365 without IMAP/POP
Replies: 25
Views: 4831

Re: HMAIL to Office365 without IMAP/POP

If you don't have administrative access to the Office 365 tenant, but you do have the ability to login to Outlook Web Access, you can create a server-side rule for the mailbox to redirect mail to another mailbox. https://support.office.com/en-ie/article/forward-email-from-office-365-to-another-email...
by mikedibella
2019-06-05 05:37
Forum: General discussions
Topic: HMAIL to Office365 without IMAP/POP
Replies: 25
Views: 4831

Re: HMAIL to Office365 without IMAP/POP

I'll try to lay out my recommendation to you more clearly. You have a mailbox on your Office 365 domain, let's call it mailbox@public-domain.com. You used to be able to download mail from that remote mailbox into a local mailbox hosted on hMailServer using the POP3 protocol. Now POP3 protocol access...
by mikedibella
2019-06-04 19:16
Forum: General discussions
Topic: HMAIL to Office365 without IMAP/POP
Replies: 25
Views: 4831

Re: HMAIL to Office365 without IMAP/POP

Both Mail Users and Mail Contacts are created from ECP on the Recipients > Contacts tab.
by mikedibella
2019-06-04 16:52
Forum: General discussions
Topic: HMAIL to Office365 without IMAP/POP
Replies: 25
Views: 4831

Re: HMAIL to Office365 without IMAP/POP

What I do with a couple of email addresses on my Office 365 tenant is to create them as distribution lists and set delivery management to allow sender inside and outside the organization to submit emails the the group. Next I setup a single contact with the external address I want to forward to. Add...
by mikedibella
2019-06-03 21:10
Forum: General discussions
Topic: HMAIL to Office365 without IMAP/POP
Replies: 25
Views: 4831

Re: HMAIL to Office365 without IMAP/POP

Put another way, you should press client on why TLS encapsulation of HTTP is secure enough but TLS encapsulation of SMTP and IMAP is not. hMailServer can support either TLS encapsulation either of the whole connection sequence or via STARTTLS for SMTP, POP3, and IMAP, but cannot support using Active...
by mikedibella
2019-05-31 20:56
Forum: General discussions
Topic: Error Type SMTP 550-verification failed
Replies: 5
Views: 887

Re: Error Type SMTP 550-verification failed

Couple of issues I see. Your MX record is pointing to insyscr.com, I recommend changing it to point to mail.insyscr.com instead and use mail.insyscr.com as your hMailserver hostname. Create an A record in DNS for mail.insyscr.com to point to the public IP address for hMailserver. DNS does record an ...
by mikedibella
2019-05-31 18:30
Forum: General discussions
Topic: hmailserver & Cloudflare
Replies: 13
Views: 2446

Re: hmailserver & Cloudflare

Login into the Cloudflare portal and select the domain corresponding to the right-hand side of your email address (i.e. email = my-name@my-domain, then select my-domain). Choose the DNS tile from the top. Using the Add Record button, add the following records: Type, Name, Value, TTL A, mail, public ...
by mikedibella
2019-05-31 17:34
Forum: General discussions
Topic: Error Type SMTP 550-verification failed
Replies: 5
Views: 887

Re: Error Type SMTP 550-verification failed

You cannot send mail to domains that use sender verification using a sender address (From: address) that does not exist at the sending domain. If you send a message From: from-name@from-domain, then a mailbox must exist in the from-domain mail servers for from-name.
by mikedibella
2019-05-31 05:55
Forum: General discussions
Topic: Error Type SMTP 550-verification failed
Replies: 5
Views: 887

Re: Error Type SMTP 550-verification failed

The remote server you are trying to send mail to implements sender verification (https://en.wikipedia.org/wiki/Callback_verification) and the sending address MX does not host that user. To fix, only send using senders from domains that you control, and make sure that you host a mailbox for those use...
by mikedibella
2019-05-10 15:53
Forum: Scripting
Topic: Move emails to top of the queue based on certain priority header flags
Replies: 66
Views: 21726

Re: Move emails to top of the queue based on certain priority header flags

I missed the FileCopy and RefreshContent methods being used as a work-around for the missing load-from-file method on the Message object. I'd also suggest you run the code using the cscript.exe interpreter and not the default wscript.exe interpreter. As you've seen, wscript will throw a modal dialog...
by mikedibella
2019-05-10 03:38
Forum: Scripting
Topic: Move emails to top of the queue based on certain priority header flags
Replies: 66
Views: 21726

Re: Move emails to top of the queue based on certain priority header flags

I don't think this code will work. I see the code is getting the stored message filename by parsing the UndeliveredMessages property, and that a Message object is created to parse the message. This line: Set oMail = CreateObject("hMailServer.Message") Creates a new message object instance. But this ...
by mikedibella
2019-04-22 19:27
Forum: General discussions
Topic: Exchange Online - Unrecognized authentication type
Replies: 15
Views: 3097

Re: Exchange Online - Unrecognized authentication type

My understanding of your situation is that your legacy architecture included an on-premise Exchange server hosting mailboxes for your internal users, and additional mail-enabled endpoints that used the Exchange infrastructure as an SMTP relay to deliver messages to internal and external addresses. Y...
by mikedibella
2019-04-19 01:02
Forum: General discussions
Topic: Exchange Online - Unrecognized authentication type
Replies: 15
Views: 3097

Re: Exchange Online - Unrecognized authentication type

This has been covered in previous posts. Office 365 does not support external-to-external SMTP relay. This is by design. It is not a product to use for that type of mailings. If you want to route mail though Office 365 SMTP servers, either the sender or the recipient must be a local user.
by mikedibella
2019-04-18 21:49
Forum: General discussions
Topic: Exchange Online - Unrecognized authentication type
Replies: 15
Views: 3097

Re: Exchange Online - Unrecognized authentication type

There are other articles on this site that describe how to configure your systems so that mail sent directly (using MX record lookup) from HMS has the requisite reputation to be accepted as ham. Maybe Jim can provide a link to his favorite post on this subject. If you want HMS to deliver directly to...
by mikedibella
2019-04-18 19:49
Forum: General discussions
Topic: Exchange Online - Unrecognized authentication type
Replies: 15
Views: 3097

Re: Exchange Online - Unrecognized authentication type

You can achieve authenticated send with Office 365 using username/password authentication, which requires that the Sender address match the primary STMP proxy address (reply address) for the account. So if your sending appliances can support username/password AUTH, just make sure that the mail clien...
by mikedibella
2019-04-16 20:00
Forum: General discussions
Topic: Exchange Online - Unrecognized authentication type
Replies: 15
Views: 3097

Re: Exchange Online - Unrecognized authentication type

That error is raised when the Sender email address doesn't match the proxy address of the authenticated user. It is more difficult to configure Office 365 as a relay for any-sender to any-recipient use cases. You might want to take a look at SendGrid free tier.
by mikedibella
2019-04-16 17:40
Forum: General discussions
Topic: Exchange Online - Unrecognized authentication type
Replies: 15
Views: 3097

Re: Exchange Online - Unrecognized authentication type

Are you trying to submit authenticated mail to Office 365 on port 25? Office 365 accepts only local delivery on port 25. Relay mail must be submitted using port 587. https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-u...
by mikedibella
2019-04-10 20:50
Forum: General discussions
Topic: Can more than one return value be entered when configuring external AV?
Replies: 4
Views: 941

Re: Can more than one return value be entered when configuring external AV?

Wrap the .exe in a .cmd script and use if errorlevel and exit exitCode to merge 12 and 13 into a single return value. The line

if errorlevel 12 exit 13

with exit the script and set the exitCode to 13 if the previous command exits with 12 or greater.
by mikedibella
2019-02-25 22:11
Forum: General discussions
Topic: smtp relay AFTER direct delivery attempt
Replies: 2
Views: 1086

Re: smtp relay AFTER direct delivery attempt

I don't think hMailServer can do that, but you could host Microsoft SMTP Service on the same machine on a custom listening port and configure it to use your Smart Host, but check the box "Attempt direct delivery before sending to smart host". Then configure hMailServer to use this local MTA as it's ...
by mikedibella
2019-02-20 19:29
Forum: General discussions
Topic: Force SMTP AUTH for specific port
Replies: 9
Views: 2144

Re: Force SMTP AUTH for specific port

Change Connection Security to STARTTLS Required. This will cause the connection to be initiated over TCP, but require STARTTLS to be completed before any other verbs can be used.
by mikedibella
2019-02-06 18:33
Forum: Scripting
Topic: SMTP relayer
Replies: 4
Views: 1962

Re: SMTP relayer

You could use SMTP route, but that would require another machine to do the sending
Or possibly run a different relay (i.e. MS-SMTP) on the same machine on a custom port and use a route to forward to that MTA, and then use MX lookup for next-hop.
by mikedibella
2018-11-07 03:20
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 2561

Re: ALternative to Office 365 Message Encryption capabilities

For the use case I describe below, the portal needs to be published, but it doesn't store the encrypted PDF. The portal is used to generate the one-time password (OTP) to decrypt the PDF. The basic flow of an starts when an email sent to the gateway is decomposed and the body and attachments are pub...
by mikedibella
2018-11-07 01:42
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 2561

Re: ALternative to Office 365 Message Encryption capabilities

I did get Ciphermail working again for PDF encryption. Let me know if you want to compare notes.
by mikedibella
2018-11-01 18:11
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 2561

Re: ALternative to Office 365 Message Encryption capabilities

It has been a while since I evaluated it. I just looked at my VCB archive and the last image I took of the appliance was in 2015. So it is very possible the project as evolved/morphed into the Ciphermail appliance. I definitely remember it was offered as a virtual appliance. The UI looks a lot clean...
by mikedibella
2018-10-31 19:47
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 2561

Re: ALternative to Office 365 Message Encryption capabilities

I looked at Djigzo a while back...http://freshmeat.sourceforge.net/projects/djigzo

I found the recipient UI too crude, might have matured since then.
by mikedibella
2018-10-09 22:17
Forum: General discussions
Topic: Having issues getting SSL certificate to work
Replies: 15
Views: 3229

Re: Having issues getting SSL certificate to work

Change connection security on port 25 from STARTTLS Required to STARTTLS Optional.
by mikedibella
2018-10-09 01:38
Forum: General discussions
Topic: Having issues getting SSL certificate to work
Replies: 15
Views: 3229

Re: Having issues getting SSL certificate to work

I also use Let's Encrypt and have had success with the instructions on this website: https://www.sslforfree.com/ The site will generate the keys for you securely on your own machine using browser extensions, so it is safe to use. Read the section about validation carefully because you can't generate...
by mikedibella
2018-10-08 19:24
Forum: General discussions
Topic: Having issues getting SSL certificate to work
Replies: 15
Views: 3229

Re: Having issues getting SSL certificate to work

The key pair generated must be used to generate the CSR that is submitted to request the certificate. The error message indicates that the private key does not match the public key in the certificate. You will need to regenerate the certificate, carefully following the steps provided in articles on ...
by mikedibella
2018-10-05 22:32
Forum: General discussions
Topic: Having issues getting SSL certificate to work
Replies: 15
Views: 3229

Re: Having issues getting SSL certificate to work

The certificate file you point to in the hMailServer configuration must have intermediates first and the leaf (server) certificate last. Assuming both of the files received from your CA are Base64 format (they have BEGIN CERTIFICATE sections), append the contents of mail_tgserver_com.crt to the end ...
by mikedibella
2018-10-04 20:00
Forum: General discussions
Topic: Having issues getting SSL certificate to work
Replies: 15
Views: 3229

Re: Having issues getting SSL certificate to work

Are you trying to enable connection security for MTA-to-MTA communications or for client-to-server communications? If you want to enable for MTA interconnections, change connection security on port 25 to STARTTLS. If you want to enable for client connections, either change connection security on por...
by mikedibella
2018-09-28 17:36
Forum: General discussions
Topic: Making LetsEncrypt Certificates usable for hMail
Replies: 6
Views: 4297

Re: Making LetsEncrypt Certificates usable for hMail

download openssl.exe and run the following command: openssl.exe pkcs12 -in file.pfx -nodes -out pem.txt Edit pem.txt and separate the sections into a certificate files and key files. Put all the certificate sections into one file with the intermediates first and leaf (server) certificate last. Put t...
by mikedibella
2018-08-31 23:16
Forum: General discussions
Topic: question about AD logins and UPNs
Replies: 7
Views: 1243

Re: question about AD logins and UPNs

One thing to keep in mind, when you enable the "Active Directory account" option, you are mapping the mailbox identity to the "Domain" and "User name" values provided. When the client negotiates authentication, it will provide the mailbox identity and password, and HMS will use the mapped Domain and...
by mikedibella
2018-08-31 22:15
Forum: General discussions
Topic: question about AD logins and UPNs
Replies: 7
Views: 1243

Re: question about AD logins and UPNs

Let me make sure I get this. You are saying that Outlook won't authenticate against HMS is unless the account configuration Email Address under User Information is the same as User Name under Login Information?
by mikedibella
2018-08-31 19:29
Forum: General discussions
Topic: question about AD logins and UPNs
Replies: 7
Views: 1243

Re: question about AD logins and UPNs

Let me make sure I understand the requirement. You have existing Outlook users that were using explicit credentials (not Kerberos or Integrated authentication) to log into Exchange. The explicit credentials included a user ID that matched the Active Directory UPN for the user and the user's AD passw...
by mikedibella
2018-08-31 17:44
Forum: General discussions
Topic: question about AD logins and UPNs
Replies: 7
Views: 1243

Re: question about AD logins and UPNs

Are you familiar with Alternative UPN Suffixes? See http://www.tutorialspoint.com/articles/ ... ory-domain.
by mikedibella
2018-03-23 21:52
Forum: General discussions
Topic: SSL Certificate
Replies: 7
Views: 1566

Re: SSL Certificate

If you don't own, and exercise authoritative control over, a domain, no public CA will generate a certificate for you for that domain.
by mikedibella
2018-03-23 20:21
Forum: General discussions
Topic: SSL Certificate
Replies: 7
Views: 1566

Re: SSL Certificate

if you want a wildcard that matches hostname.ex.geektek.com then you would enter *.ex.geektek.com in the "enter your website to secure" field and create a new TXT record with the _acme-challenge Name in the ex.geektek.com domain. Set the TTL of the record to 1 second. Wait for your secondaries to be...
by mikedibella
2018-03-23 01:28
Forum: General discussions
Topic: SSL Certificate
Replies: 7
Views: 1566

Re: SSL Certificate

CA: https://letsencrypt.org

I use this website for manual certificate issuance: https://www.sslforfree.com/

But I suggest you generate your own CSR locally if you aren't sure if your browser can support local key generation.
by mikedibella
2018-03-22 23:20
Forum: General discussions
Topic: SSL Certificate
Replies: 7
Views: 1566

Re: SSL Certificate

Is ex.geektek.com the mail domain (i.e. for the MX record Name attribute) or the server's hostname (for the MX record Data attribute)? The wildcard must match the hostname. If ex.geektek.com is the mail domain and mail.ex.geektek.com is the hostname, then you need a wildcard *.ex.geektek.com to matc...
by mikedibella
2018-03-14 22:04
Forum: General discussions
Topic: Suddenly nothing works!
Replies: 12
Views: 2390

Re: Suddenly nothing works!

Maybe:

Updates force reboot
4.1 starts first and binds port
5.6 starts can't bind
HMS starts and comms with 4.1
Disaster

Make sure you at least Disable 4.1 in SCM
by mikedibella
2018-03-02 03:50
Forum: Off-topic discussions
Topic: Windows Service Weirdness
Replies: 7
Views: 2642

Re: Windows Service Weirdness

I notice that the time between postings in the successful run is 3/100s of a second, but in the abnormal run the time differential is 1 minute and 29/100s of a second. Maybe there was some kind of failure that produced abend output?
by mikedibella
2018-03-02 00:13
Forum: Off-topic discussions
Topic: Windows Service Weirdness
Replies: 7
Views: 2642

Re: Windows Service Weirdness

Check each directory in your %PATH% for an executable named NET.EXE. If there is another executable named NET.EXE in a directory before %SYSTEMROOT%\System32, that program will be executed in your script. To fix, fully qualify the file (i.e. net -> %SYSTEMROOT%\System32\NET.EXE).