Problems with SMTP

I have just changed my ISP and my email address.
I hit a problem I encountered before but never solved. Now that I have 2 email addresses it wouldn't accept the regular SMTP address for the new mail which is mail."myisp".com.au
After discussions with my ISP I had to give a direct numerical address to use for mail responses. According to the support person this is a regular problem with OSX.
Is this right or wrong? This is not the only quirk I find with Mail in OSX.

Similar Messages

Post Moved Continual-problem-with-SMTP-passwor...

Post Moved to Other BB Queries http://community.bt.com/t5/Other-BB-Queries/Continual-problem-with-SMTP-password-being-blocked/td-p/...
If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’

Post Moved to Other BB Queries http://community.bt.com/t5/Other-BB-Queries/Continual-problem-with-SMTP-password-being-blocked/td-p/...
If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’

Problems with SMTP port forwarding on ASA 5505

Cannot telnet to port 25 to test for SMTP traffic. Packet trace indicates that the packet is dropped by the implicit rule, but I have tried an access rule specifically for SMTP, and the trace appears to skip the rule and drop the packet when it hits the implicit default drop rule. Can anyone help? Here is my configuration:
ASA Version 8.2(5)
hostname XXXXXXXXXXXXXXXXX
enable pXXXXXXXXXXXXXXXXXXXXX encrypted
passwd XXXXXXXXXXXXXXXXXX encrypted
names
name XXX.XXX.XXX.74 DNI-HOST1
name XXX.XXX.XXX.184 DNI-HOST2
name 192.168.1.2 Server
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address XXX.XXX.XXX.130 255.255.255.248
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
object-group service rdp tcp
port-object eq 3389
access-list INBOUND extended permit icmp any any time-exceeded
access-list INBOUND extended permit icmp any any echo-reply inactive
access-list INBOUND extended permit icmp any any
access-list INBOUND extended permit tcp any any eq smtp
access-list INBOUND extended permit tcp any any eq https
access-list INBOUND extended permit tcp any eq 3389 any object-group rdp
pager lines 24
logging enable
logging buffered warnings
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 192.168.1.0 255.255.255.0
static (inside,outside) tcp interface smtp Server smtp netmask 255.255.255.255
access-group INBOUND in interface outside
route outside 0.0.0.0 0.0.0.0 XXX.XXX.XXX.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 inside
http DNI-HOST2 255.255.255.255 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca [REDACTED]
quit
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
ssh 206.190.255.0 255.255.255.0 outside
ssh DNI-HOST2 255.255.255.255 outside
ssh DNI-HOST1 255.255.255.255 outside
ssh timeout 5
console timeout 0
management-access inside
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
webvpn
username Administrator password XXXXXXXXXXXXXXXXXXXX encrypted
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
: end

Thanks. I made the suggested changes, here are the results of packer-tracer:
ASA# packet-tracer input outside tcp 1.2.3.4 1234 XXX.XXX.XXX.130 25
Phase: 1
Type: UN-NAT
Subtype: static
Result: ALLOW
Config:
static (inside,outside) tcp interface smtp Server smtp netmask 255.255.255.255
match tcp inside host Server eq 25 outside any
    static translation to XXX.XXX.XXX.130/25
    translate_hits = 0, untranslate_hits = 3
Additional Information:
NAT divert to egress interface inside
Untranslate XXX.XXX.XXX.130/25 to Server/25 using netmask 255.255.255.255
Phase: 2
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group INBOUND in interface outside
access-list INBOUND extended permit tcp any host XXX.XXX.XXX.130 eq smtp
Additional Information:
Phase: 3
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 4
Type: INSPECT
Subtype: inspect-smtp
Result: ALLOW
Config:
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect esmtp _default_esmtp_map
service-policy global_policy global
Additional Information:
Phase: 5
Type: HOST-LIMIT
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 6
Type: NAT
Subtype: rpf-check
Result: ALLOW
Config:
static (inside,outside) tcp interface smtp Server smtp netmask 255.255.255.255
match tcp inside host Server eq 25 outside any
    static translation to XXX.XXX.XXX.130/25
    translate_hits = 0, untranslate_hits = 3
Additional Information:
Phase: 7
Type: NAT
Subtype: host-limits
Result: ALLOW
Config:
static (inside,outside) tcp interface smtp Server smtp netmask 255.255.255.255
match tcp inside host Server eq 25 outside any
    static translation to XXX.XXX.XXX.130/25
    translate_hits = 0, untranslate_hits = 3
Additional Information:
Phase: 8
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 9
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 24392, packet dispatched to next module
Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: inside
output-status: up
output-line-status: up
Action: allow
I'm not all that experienced with translating these results, but on the surface, it appears to be passing traffic. However, I still cannt telnet to the public IP using port 25. I am using Putty as my telnet client and it doesn't generate an error. At no time am I able to interact with the prompt in the putty window. The putty window just closes abruptly after about 10 seconds. Does the line in Phase 7 containing 'untranslate_hits=3' have anything to do with my issue?
Here is the new config:
NUGENT-ASA# show run
: Saved
ASA Version 8.2(5)
hostname NUGENT-ASA
enable password XXXXXXXXXXXXXXXXXXXX encrypted
passwd XXXXXXXXXXXXXXXXXX encrypted
names
name XXX.XXX.XXX.74 DNI-HOST1
name XXX.XXX.XXX.184 DNI-HOST2
name 192.168.1.2 Server
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address XXX.XXX.XXX.130 255.255.255.248
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
object-group service rdp tcp
port-object eq 3389
access-list INBOUND extended permit icmp any any time-exceeded
access-list INBOUND extended permit icmp any any echo-reply inactive
access-list INBOUND extended permit icmp any any
access-list INBOUND extended permit tcp any host XXX.XXX.XXX.130 eq smtp
pager lines 24
logging enable
logging buffered warnings
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 192.168.1.0 255.255.255.0
static (inside,outside) tcp interface smtp Server smtp netmask 255.255.255.255
static (outside,inside) tcp interface smtp Server smtp netmask 255.255.255.255
access-group INBOUND in interface outside
route outside 0.0.0.0 0.0.0.0 XXX.XXX.XXX.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 inside
http DNI-HOST2 255.255.255.255 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca [REDACTED]
quit
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
ssh 206.190.255.0 255.255.255.0 outside
ssh DNI-HOST2 255.255.255.255 outside
ssh DNI-HOST1 255.255.255.255 outside
ssh timeout 5
console timeout 0
management-access inside
dhcpd dns 8.8.8.8 4.2.2.2
dhcpd address 192.168.1.100-192.168.1.131 inside
dhcpd dns 8.8.8.8 4.2.2.2 interface inside
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
webvpn
username Administrator password XXXXXXXXXXXXXXXXXXXXXXX encrypted
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:XXXXXXXXXXXXXXXXXXXXXXXXXXX
: end

Problem with SMTP from one computer but not another

I have an iMac connected directly to my network via Ethernet and a MacBook Pro which connects via wireless. I have a program installed on my iMac that sends me alerts via e-mail, and it works just fine. When I try and use Mail, however, on my MBP with the exact same settings and credentials, it fails. To make this even more perplexing, Mail works fine from my office on a different network.
To work around this, I use Comcast's SMTP server on my laptop, but why would my regular e-mail provider's SMTP work on one machine and not another on the same network? The only difference is one is connected via Ethernet and the other by wireless.
I use a Time Capsule as my router and wireless access point. Has anyone got an idea about what's causing this?

Please report the relationship, if any, of the "regular e-mail provider's SMTP" and your ISP? If Comcast is your ISP, they regularly block use of Port 25, but if you have selected Use Default Port in Mail Preferences/Accounts/Account Information for the Outgoing Server, then it may be making the wrong choice to work with Comcast. Regardless of the ISP, for this regular account click on the arrows beside the name of the SMTP, choose Edit Server List, then click on the Advanced Tab that will then be seen and choose Use Custom Port, then enter the proper port directly -- that port is probably Port 587, but that could depend on the advisory of the email provider for using their SMTP.
Ernie

SSL Cert problem with smtp

If I use a self signed cert and name it default the smtp mail service works.
If I try to use the cert I got from the CA, the imap service works with the cert, however the smtp service does not.
This is most odd

You don't need to buy a new one.
See here for more info:
http://discussions.apple.com/thread.jspa?messageID=6251145&#6251145

Problems with smtp - unknow source

I was trying yo use JavaMail to send emails via SMTP. I receive a exception about
java.security.AccessControlException: access denied (java.net.SocketPermission 10.72.0.11:25 connect,resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
All about user, password, smtp server ... are correct. I use a domain work in the intranet ... so, i have no idea to resolve it. The server kick me... maybe the domain?? Any property for it?? .
Any idea???
thanks

I solve it. It was easy but difficult to find. THe librery was signed by sun, so, you need the extension type in your jnlp file ( i was using java web start) but i forgot give "all permisions" for the second (Extension) jnlp file.
thanks

HT6030 Mail on Maverick is working on and off - one day problems with Smtp than this works and Imap is not working and then all works for a day and then nothing works - advice?

Mail on Maverick is very problematic since latest upgrade. One day it works other day it doesn't, especially with gmail. I don't change any settings but one day it will work and the other it will not. What give? All updates are installed....

Hi Paweltu!
Here’s an article that will help you troubleshoot this issue with your Mail program:
OS X Mail: Troubleshooting sending and receiving email messages
http://support.apple.com/kb/ts3276
Take care, and thanks for visiting the Apple Support Communities.
-Braden

Login problems with SMTP and WebMail

Hello- hoping I can get some help on this one.
I have a OS X (10.4.8) Server running a website, email, and file services (AFP only). Everything seems to be working well, except for SMTP. I have set up mail services to use CRAM-MD5 authentication for IMAP/POP and SMTP, but I can only log in to IMAP. SMTP gives a "Trying to log into this SMTP account failed. Please make sure the username and password are correct." (using the Connection Doctor feature in Mail). If I use WebMail, I simply get a "Login Failure" message.
I know for a fact the ID & password are correct; I have tried several different accounts and setups, but none seem to work. I can log into AFP services using the same id/pw just fine.
Any ideas where I should look to fix this issue?

Open terminal and issue:
sudo /usr/share/squirrelmail/config/conf.pl
Configure SquirrelMail to your liking and make sure server settings reflect your requirements for authentication.
Alex

SMTP problem with WRT54GL

I've seen similar issues here but haven't seen a solution yet. Whenever I send an email there is a 30 second delay. This is true for all computers on my network, windows or linux and for two different SMTP servers at different locations. Also Thunderbird and Outlook show the same problem, the router seems to be the common element.
I used Wireshark to capture the transaction and found a consistent problem. The TCP/IP connection gets created very quickly (SYN/SYN-ACK/ACK) and then there is a 30 second delay before receiving the first SMTP 220 packet.
My theory is that the first packet returned from the SMTP server is getting blocked by the router, causing it to time out and retry. To test this idea I put one of my systems in the DMZ and the message got sent right away.
Now, here's where it gets a little more interesting. I had expected only the DMZ machine to be helped but *all* of the systems worked correctly with this one machine in the DMZ. I even tried putting an embedded linux based NAS server as the DMZ machine and again the situation improved. I also tried setting the DMZ to an unused IP address in the subnet and that did not make the problem go away, otherwise I might just have left it at that, but I don't want to have any real machines in DMZ.
I am only seeing this problem with SMTP packets, and then it's only the first one that comes back from the server. HTTP, SSH, everything is fine.
BTW, firewall on the router is disabled as well as on the clients. The router is at firmware revision 4.30.5 which is the most recent that I found on the Linksys site.
Any clues, things to try? I can provide any details for network captures if it will help.
Thanks in advance,
Joe Meadows

Well, 30 seconds sounds like something tries to connect to a "stealth" port and retries until it times out. This usually happens, when you have a SMTP, POP or IMAP server running on Unix which still uses the identd service on port 113. With ident the server asks the client about the username which is trying to connect. This service is pretty useless in the internet because it is totally unsecure and thus no server can rely on this anymore, but some libraries still have it built-in.
The problem arises when the client computer or the gateway in front of the client is "stealth"ing ports. If a port is closed (because no service is running on port 113) the computer would immediately reply to that no connection can be established. However, people think it is better when the port is "stealth" meaning: the computer does not answer at all, thinking the computer would be invisible (which it is not because a computer that is not answering is obviously there...)
The standard IP procedure for the server is to wait for the answer until it times out. Then retry 2 or 3 times. Quickly you have 30 seconds until the server gives up on the identd and continues.
However, you say you have the firewall disabled on your router. That would mean that the ident port should be properly reported closed and is not stealth. You could test with a port scan in the internet whether your internet ports are really reported closed or "stealth"ed. It should be closed if the firewall is off. (By the way, firewall off means access to the web-based management from the internet is possible...)
Many routers have the option to filter ident in the security settings. Usually you would turn off that option if you experience this problem. It should be off with the firewall turned off. However, all the symptoms you describe would fit.
If you put a host into DMZ which is not running a firewall and thus does not keep port 113 stealth it obviously helps any client that connects: the ident request is always sent to the DMZ and the DMZ reports the port closed and immediately the connection continues.
I used to forward port 113 on a different router to my network printer because it has a static IP address and it does not have a firewall thus reports 113 closed.
You could try to remove the DMZ and only forward port 113 to that computer.
You could also install a packet sniffer on the DMZ to see what packets arrive when you try to connect with a client to the SMTP server. Then you should see that a ident SYN on port 113 arrives (or something else if it is not ident...)

Problem with cisco series 800 router and SMTP

Hello,
we bought a 877 cisco router and have some problem with SMTP.
I try to read all forum and KB about but do not find any solution.
the problem is that when i try to send any email from client (windows mail) i receive a error 533: you need to supply the correct username and password.
when trying throught hmailserver i receive an email "undeliverable" with this error in body:
Error Type: SMTP
Remote server (62.149.128.202) issued an error.
hMailServer sent: EHLO Globalnet
Remote server replied: 502 unimplemented (#5.5.1)
receving email work correctly.
i'm already using smtp auth, and with my old router everything work fine.
so i beleive is a config problem, maybe with ESMTP (ehlo)?.
i attach my config:

Dear sirs
Thank you for answer so quickly
I download this document from Cisco âConfiguring the (Remote) Common Application Programming Interface for Cisco 800 Series Routerâ.
I have a Lan with Asterisk IP-PBX , the Cisco router have a BRI to public exchange (ISDN) , the router act like a DCP (ISDN- Device Control Protocol) server and listen (DCP messages) in 2578 port.
I need o know the contents of the TCP frame that carry (ISDN-TCP, the DCP messages) to put a SIP client to talk with PSTN/ISDN using the router. I want to write a software module in Asterisk that translate SIP in (ISDN-DCP) to connect the SIP Phones to the PSTN/ISDN using the BRI ports of the Cisco router. I need to now the contents of this message to dialogue with RCAPI server of the router.
If forum is the right place perhaps to put this, Could you give me a better place, a mail or other forum to receive the speciation of (ISDN-DCP)
thank you
With kinds Regards
JoÃ£o Pereira Rosa

HELP!! asa 5505 8.4(5) problem with port forwarding-smtp

Hi I am having a big problem with port forwarding on my asa. I am trying to forward smtp through the asa to my mail server.
my mail server ip is 10.0.0.2 and my outside interface is 80.80.80.80 , the ASA is setup with pppoe (I get internet access no problem and that seems fine)
When I run a trace i get "(ACL-Drop) - flow is deied by configured rule"
below is my config file , any help would be appreciated
Result of the command: "show running-config"
: Saved
ASA Version 8.4(5)
hostname ciscoasa
domain-name domain.local
enable password mXa5sNUu4rCZ.t5y encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group ISPDsl
ip address 80.80.80.80 255.255.255.255 pppoe setroute
ftp mode passive
dns server-group DefaultDNS
domain-name domain.local
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Server_SMTP
host 10.0.0.2
access-list outside_access_in extended permit tcp any object server_SMTP eq smtp
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network obj_any
nat (inside,outside) dynamic interface
object network server_SMTP
nat (inside,outside) static interface service tcp smtp smtp
nat (inside,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 10.0.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
vpdn group ISP request dialout pppoe
vpdn group ISP localname [email protected]
vpdn group ISP ppp authentication chap
vpdn username [email protected] password *****
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:c5570d7ddffd46c528a76e515e65f366
: end

Hi Jennifer
I have removed that nat line as suggested but still no joy.
here is my current config
Result of the command: "show running-config"
: Saved
ASA Version 8.4(5)
hostname ciscoasa
domain-name domain.local
enable password mXa5sNUu4rCZ.t5y encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group ISP
ip address 80.80.80.80 255.255.255.255 pppoe setroute
ftp mode passive
dns server-group DefaultDNS
domain-name domain.local
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Server_Mail
host 10.0.0.2
access-list outside_access_in extended permit tcp any object Server_Mail eq smtp
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network obj_any
nat (inside,outside) dynamic interface
object network Server_Mail
nat (inside,outside) static interface service tcp smtp smtp
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 10.0.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
vpdn group ISP request dialout pppoe
vpdn group ISP localname [email protected]
vpdn group ISP ppp authentication chap
vpdn username [email protected] password *****
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:f3bd954d1f9499595aab4f9da8c15795
: end
also here is the packet trace
and my acl
Thanks

Problem with yahoo! SMTP POP server mail account on new upgraded iphone 4.3.5

PLEASE HELP!
I am a California AT&T wireless customer with a new iphone 4 on the iOS 4.3.5 upgraded system and suddenly I am unable to successfully add my Yahoo! email account and have it configured to send/receive my emails. I was able to successfully add my gmail and Microsoft exchange server account, but only problems with the Yahoo! I checked all the settings, have done several add/delete accounts, restore network settings, and retry/reboots, to no avail. This is a seriously annoying problem, it worked with the pre-upgraded older version fine without any problems ever. I continually get the same error message: SERVER UNAVAILABLE, please try again later.
I know this error is inaccurate because all my other email accounts work fine as well as Safari and all other internet connections and apps. It is not a phone thing, it is some yahoo and upgraded software incompatibility issue that no one seems to have resolved yet.
This is a SMTP PUSH POP account, and I have literally tried everything. I have tried all the fixes while connected to wifi, and then tried them just via my 3G cell network connection. I read on a message board about turning on/off SSL, could someone tell me how to do that? When I go into to:
settings>mail accounts>outgoing mail server SMTP>Yahoo! SMTP, everything is grayed out and I can't change any ports or SSL.
When I try to manually add a server, which I was told was a fix, I don't know what to type into the host name. Does anyone know how to help?
I have seen this problems on numerous message boards, even in the UK. I contacted Apple Support, with no success in resolving this problem, had an open case for several days contacted several supervisor personnel, all advised me to contact Yahoo! who do not offer customer care via telephone only online, and nothing there helped to resolve my issue.
PLEASE, PLEASE HELP!
THANKS

Yahoo's servers have been having problems off and on now for close to a month if not longer. There's not much you can do about it except talk to Yahoo, which is kind of like beating your head against a wall. They've had problems like this off and on since as far back as the mid 90's. I gave up on them long ago. Just convert to something else and dump them. It's not worth the headache.

Having problem with gmail smtp server. Since going to google 2-step, and entering 16-digit code in gmail account, I can receive mail on my iMac, but cannot send. What do I do?

Having problem with gmail smtp outgoing server. Since going to google 2-step, and entering 16-digit code in gmail account, I can receive mail on my iMac, but cannot send. I keep getting an error message that Mail "Cannot send message using Gmail (my assigned name) server." What do I do?

Confirm you did this: https://support.google.com/mail/answer/1173270?hl=en
You might also try removing all gmail passwords from your keychain in Keychain Access. Then connect again and enter the password code given by Google.

Problem with access to SMTP, IMAP, POP3 protocols in CAS 2013.

Hi,
we have problem with access thgrough SMTP, IMAP, POP3 protocols in CAS 2013.
If I test connection to SMTP 25 port from other computer, session end quickly.
Test from CAS2013 to localhost or public IP is OK (similar also for IMAP and POP3).
Receive connectors are with defaults settings, firewall is disabled.
Service Microsoft Frontend Transport Services restarted, but no success.
Certificate is assigned to IMAP, POP3, SMTP, IIS.
IIS and HTTP(s), protocols are OK. Clients can connects only thgrough web, mobile (ActiveSync), or with Outlook with proxy.
Do you have some tip, what to test?
If I create new testing receive connector on port 26 for anonymous, behaviour is same, quick disconnecting.
Thank's Mirek

Hi,
Pleaser try to use the following link to test your STMP/POP/IMAP e-mail, and check the test if successful:
https://testconnectivity.microsoft.com/
If unsuccessful, please check the test result, it will tell us what caused the problem.
Thanks.
Niko Cheng
TechNet Community Support

Problems with authenticated smtp on Mac mail 2

I do support for a small ISP and we are seeing problems with Mac Mail authenticating to the smtp server. The settings that should work are:
outgoing server: asmtp.gorge.net
Username: full email address
Outgoing server port: 2525 or 587
We typically turn on password for the authentication type. In some customers, nothing seems to work. They get an error that their email address can't authenticate. Any ideas on what settings might work for this?

Teri,
Reading the guidance for Outlook Express, I note:
"Step 11. On the Servers tab under Outgoing Mail Server, check the box titled My server requires authentication. Then go to the Advanced tab. Below select the option use same settings as incoming server. (emphasis added)"
In Mail, this is normally the same as specifying authentication of None, and not entering the Username or Password again for the Outgoing Server. This type of authentication, does not result in appending the Username entry (Username corresponds to Account Name in Outlook Express). Mail will authenticate to the SMTP with the Username and Password used for the Incoming, if prompted by the server, and the separate, hard, (and redundant) authentication resulting from using Password in the Outgoing Server entry boxes will cause a failure. However, this type of authentication (which is often called SMTP after POP3, or POP3 before SMTP) is normally conducted on Port 25. In my experience, the use of Port 587 is meant for those SMTP that must have a separate authentication, and where you will see the name altered to include the Username. Hopefully this will work with Port 2525, but I have not confirmed. SMTP after POP3 authentication does not help sending from remote providers, such as found in internet cafes, and this is why some ISPs provide a SMTP that does require separate, Password Authentication.
In the new Mail Setup Assistant, there is now the option to specify to use the same settings, but not enter the Username and Password -- this is not obvious, but well known by some ISPs, but not all -- this is really the same as changing to None in an existing account, and removing the Password and Username entries. Also, in Mail, I would NOT expect any default names to appear, unlike what your Mac Mail instructions imply.
Keep me posted.
Ernie

Problems with SMTP

Similar Messages

Maybe you are looking for