6.0.0-alpha12
6/12/25

[#13042] Horde 5.1.6 doesn't really use submission port 587!
Summary Horde 5.1.6 doesn't really use submission port 587!
Queue Horde Groupware
Queue Version 5.1.4
Type Bug
State No Feedback
Priority 1. Low
Owners
Requester klaus (at) tachtler (dot) net
Created 03/12/2014 (4110 days ago)
Due
Updated 07/12/2014 (3988 days ago)
Assigned 03/18/2014 (4104 days ago)
Resolved 07/12/2014 (3988 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch No

History
07/12/2014 05:27:58 PM Michael Rubinsky State ⇒ No Feedback
 
03/18/2014 10:03:34 PM Git Commit Comment #5 Reply to this comment
Changes have been made in Git (master):

commit 86ef55186f749ab0a37e0d6389ddb75e13e9a66e
Author: Michael M Slusarz <slusarz@horde.org>
Date:   Tue Mar 18 16:01:21 2014 -0600

     SMTP auth param long ago changed to boolean option

     Actual auth method is automically-determined from the server.

     See Ticket #13042

  horde/config/conf.xml |   10 +++-------
  1 files changed, 3 insertions(+), 7 deletions(-)

http://git.horde.org/horde-git/-/commit/86ef55186f749ab0a37e0d6389ddb75e13e9a66e
03/18/2014 10:02:47 PM Michael Slusarz Comment #4 Reply to this comment
Can't reproduce.  Verified that port 587 in configuration uses port
587 to send messages.  There is no fallback to port 25.
You have not provided the place in Horde where it is using port 25 
instead of port 587.

Do note that IMP may provide an entirely different SMTP configuration.

Also note that the 'auth' parameter no longer honors a specific auth 
type, since there is no need for it - the best available 
authentication method is used.  (There is no reason to be using 
CRAM-MD5 when under TLS).  Looks like I never took that out ... 
removed for Horde 5.2.
03/18/2014 08:50:02 PM klaus (at) tachtler (dot) net Comment #3 Reply to this comment
Can't reproduce.  Verified that port 587 in configuration uses port 
587 to send messages.  There is no fallback to port 25.

Make sure all of your Horde libraries are updated.  Otherwise, you 
will need to trace the code to figure out where things are behaving 
differently on your system.
MTA - Postfix LISTEN ON:
# netstat -tulpn | grep master
tcp        0      0 0.0.0.0:465                 0.0.0.0:*               
      LISTEN      32094/master
tcp        0      0 0.0.0.0:25                  0.0.0.0:*               
      LISTEN      32094/master
tcp        0      0 10.0.0.60:10025             0.0.0.0:*               
      LISTEN      32094/master

NO Port: 587!

MTA - Postfix /var/log/maillog:

Mar 18 21:34:21 rechner60 postfix/smtpd[32104]: connect from 
rechner60.dmz.tachtler.net[192.168.0.60]
Mar 18 21:34:21 rechner60 postfix/smtpd[32104]: setting up TLS 
connection from rechner60.dmz.tachtler.net[192.168.0.60]
Mar 18 21:34:21 rechner60 postfix/smtpd[32104]: Anonymous TLS 
connection established from rechner60.dmz.tachtler.net[192.168.0.60]: 
TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Mar 18 21:34:22 rechner60 postfix/smtpd[32104]: NOQUEUE: 
client=rechner60.dmz.tachtler.net[192.168.0.60], sasl_method=PLAIN, 
sasl_username=geheim
Mar 18 21:34:25 rechner60 postfix/smtpd[32139]: connect from 
rechner70.dmz.tachtler.net[192.168.0.70]
Mar 18 21:34:25 rechner60 postfix/smtpd[32139]: 15A785F124: 
client=rechner60.dmz.tachtler.net[192.168.0.60]
Mar 18 21:34:25 rechner60 postfix/cleanup[32141]: 15A785F124: 
message-id=<20140318213421.Horde.P4bJ-wixCNAoaEQTi6owkg9@mx1.tachtler.net>
Mar 18 21:34:25 rechner60 postfix/qmgr[32097]: 15A785F124: 
from=<klaus@tachtler.net>, size=2070, nrcpt=1 (queue active)
Mar 18 21:34:25 rechner60 postfix/smtpd[32139]: disconnect from 
rechner70.dmz.tachtler.net[192.168.0.70]
Mar 18 21:34:25 rechner60 postfix/smtpd[32104]: disconnect from 
rechner60.dmz.tachtler.net[192.168.0.60]
Mar 18 21:34:26 rechner60 postfix/smtp[32142]: setting up TLS 
connection to ...:25
Mar 18 21:34:26 rechner60 postfix/smtp[32142]: Trusted TLS connection 
established to ...:25: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 
bits)
Mar 18 21:34:26 rechner60 postfix/smtp[32142]: 15A785F124: 
to=<empfaenger>, relay=...:25, delay=1.8, delays=0.06/0.05/1.3/0.45, 
dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3fpR1t5XjnzfwhV)
Mar 18 21:34:26 rechner60 postfix/qmgr[32097]: 15A785F124: removed

----- conf.php -----
...
$conf['mailer']['params']['host'] = 'mx1.tachtler.net';
$conf['mailer']['params']['port'] = 587;
$conf['mailer']['params']['localhost'] = 'mx1.tachtler.net';
$conf['mailer']['params']['auth'] = 'CRAM-MD5';
$conf['mailer']['type'] = 'smtp';
$conf['mailformat']['brokenrfc2231'] = false;
...
----- conf.php -----

Could you see, connection to Postfix is possible, and the 
AUTH-Mechanism was PLAIN, NOT CRAM-MD5.

I had Horde Version 5.1.6, only ActiveSync was NOT up-to-date, because 
of dependency problems, all other parts like horde, imp usw. were 
up-to-date.

Thank you!
Klaus
03/18/2014 07:43:44 PM Michael Slusarz Comment #2
Priority ⇒ 1. Low
State ⇒ Feedback
Reply to this comment
Can't reproduce.  Verified that port 587 in configuration uses port 
587 to send messages.  There is no fallback to port 25.

Make sure all of your Horde libraries are updated.  Otherwise, you 
will need to trace the code to figure out where things are behaving 
differently on your system.
03/12/2014 02:31:36 PM klaus (at) tachtler (dot) net Comment #1
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ Horde 5.1.6 doesn't really use submission port 587!
Queue ⇒ Horde Groupware
Milestone ⇒
Patch ⇒ No
State ⇒ Unconfirmed
Reply to this comment
Hi,

i configured following lines in Horde 5.1.6 .../config/conf.php

----- conf.php -----
...
$conf['mailer']['params']['host'] = 'mx1.tachtler.net';
$conf['mailer']['params']['port'] = 587;
$conf['mailer']['params']['localhost'] = 'mx1.tachtler.net';
$conf['mailer']['params']['auth'] = true;
$conf['mailer']['type'] = 'smtp';
$conf['mailformat']['brokenrfc2231'] = false;
...
----- conf.php -----

When I disable submission port 587 on mx1.tachtler.net and my postfix 
is only listen on port 25 and 465 i can sent e-Mail from Horde to the 
world. I think this is not correct, or did Horde make a fallback to 
port 25, if port 587 is not reachable.

I also configured to use CRAM-MD5, but only PLAIN was used for 
SASL-Authentication.

When I use my Android device, I can see the CRAM-MD5 submission port login.

Thank you!

Saved Queries