Page 1 of 2 12 LastLast
Results 1 to 10 of 11
  1. #1
    Untangler
    Join Date
    May 2008
    Posts
    38

    Default Telnet smtp session ehlo/helo 500 Syntax error

    Hello,

    I have a little problem with my UT 7.0.

    When I try to send a test mail via Telnet from internet, everytime, the first helo or ehlo command failed with this message
    220 *************************************************************************************************************************
    helo
    500 Syntax error, command unrecognized
    helo
    250 mail.my-domain.com Hello [84.102.XXX.XXX]
    or
    220 **************************************************************************************************************************
    ehlo
    500 Syntax error, command unrecognized
    ehlo
    250-mail.my-domain.com Hello [84.102.XXX.XXX]
    250-SIZE
    250-DSN
    250-VRFY
    250-AUTH GSSAPI NTLM LOGIN
    250 AUTH=LOGIN
    This error appear only from internet when the session crosses UT!!!

    Do you have an idea for fix it?

    Thanks a lot.

  2. #2
    Untangler
    Join Date
    May 2008
    Posts
    38

    Default

    I have try to disable Spam Blocker and establish a telnet session...

    Same error!!!

    Any idea?

  3. #3
    Untangler
    Join Date
    Sep 2007
    Posts
    43

    Default

    If you have a Cisco Router, try turning off the SMTP firewall.

  4. #4
    Master Untangler
    Join Date
    May 2009
    Location
    Mexico City
    Posts
    120

    Default

    Are you using Protocol Control? Disable it for a moment, and if it does the trick check the Xunlei/KuGoo threads.

    Do you have Firewall rules?

  5. #5
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,376

    Default

    definitely check kugoo and xunlei in protocol control
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Untangler
    Join Date
    May 2008
    Posts
    38

    Default

    I don't use Protocol control and I haven't intalled it!!!

    But when I connect in ssh on my UT I don't have this message!!!!

    The problem appear only when I establish a session from the internet!!!

    Here is my config:

    ISP-ROUTER ---> UT-BRIDGED ---> FIREWALL(ASA) ---> LAN

    When I connect from the LAN here is the log:
    220 mail.my-domain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.
    3959 ready at Thu, 8 Oct 2009 11:21:45 +0200
    helo
    250 mail.my-domain.com Hello [172.16.4.19]
    Or
    220 mail.my-domain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.
    3959 ready at Thu, 8 Oct 2009 11:22:39 +0200
    ehlo
    250-mail.my-domain.com Hello [172.16.4.19]
    250-TURN
    250-SIZE
    250-ETRN
    250-PIPELINING
    250-DSN
    250-ENHANCEDSTATUSCODES
    250-8bitmime
    250-BINARYMIME
    250-CHUNKING
    250-VRFY
    250-X-EXPS GSSAPI NTLM LOGIN
    250-X-EXPS=LOGIN
    250-AUTH GSSAPI NTLM LOGIN
    250-AUTH=LOGIN
    250-X-LINK2STATE
    250-XEXCH50
    250 OK
    Her is the log when I establish a session from UT. In my case, telnet session crosses my firewall.
    220 **************************************************************************************************************************
    helo
    250 mail.my-domain.com Hello [172.31.1.10]
    Or with the ehlo:
    220 **************************************************************************************************************************
    ehlo
    250-mail.my-domain.com Hello [172.31.1.10]
    250-XXXA
    250-SIZE
    250-ETRN
    250-PIPELINING
    250-DSN
    250-ENHANCEDSTATUSCODES
    250-8bitmime
    250-BINARYMIME
    250-XXXXXXXB
    250-VRFY
    250-XXXXXXXXXXXXXXXXXXXXXXXC
    250-XXXXXXXXXXXD
    250-AUTH GSSAPI NTLM LOGIN
    250-AUTH=LOGIN
    250-XXXXXXXXXXXE
    250-XXXXXXF
    250 XG
    So it is not my firwall because telnet from UT not display this error.

    I'm not using Protocol Control.

    Any idea?

  7. #7
    Master Untangler
    Join Date
    Mar 2009
    Posts
    130

    Default

    Hi gueutzilla
    Did you find a solution to this?
    UT is causing a similar ssue when I try & de-queue email from an upstream mail relay using telnet ETRN - I get...
    500 Syntax error, command unrecognized
    thanks

  8. #8
    Untangle Ninja mrunkel's Avatar
    Join Date
    Jul 2008
    Posts
    3,040

    Default

    Turn off smtp helper on the ASA, in conjuction with the untangle it's causing issues.

    Untangle doesn't allow EHLO and changes it to a HELO transparently to cause the server to respond with only the "normal" SMTP commands.

    This is probably confusing the SMTP helper on the ASA. You don't the SMTP helper on the ASA because untangle does all that and more.
    m.


    Big Frickin Disclaimer:
    While I'm pretty sure, I can't guarantee that I know what I'm doing. There might be a better way to do this, and this way might actually suck. Make sure you understand the implications of what you're doing before trying to follow these directions.

    It often helps troubleshooting if you have a good network map. Look here if you want my advice on how to draw one.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  9. #9
    Master Untangler
    Join Date
    Mar 2009
    Posts
    130

    Default

    Thanks for the quick reply mrunkel - in haste I omitted that I'm not using ASA in the environment....
    I started a separate thread -
    http://forums.untangle.com/networkin...html#post79492
    - because I thought it strange that the ETRN SMTP verb is being denied by Untangle when connected from the mail server LAN side to ISP's mail relay WAN side.
    In the meantime I've been stopping SMTP scanning on UT when needing to ETRN but would like to get back to an automated approach to requesting mail de-queue while getting the quite fantastic continuous spam+virus blocking from UT. Any help from a master untangler will be appreciated!

    - S

  10. #10
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,289

    Default

    For my point of view, you have a design issue

    Internet router----Cisco ASA----UT Box Birdge-----Internal lan
    This is the correct chain for me
    Let Cisco manage firewall and VPN, and UT all other (spam, virus, protoco lfilter, and so one)

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2