Synametrics Technologies

Hi.

I am attempting to configure Synaman 4.1 - build 1496 to relay through Office 365 via SMTP.

So far it can sent only to other internal recipients. Also, it does not seem to matter what the password is; an incorrect one still only allows email to be sent to the same domain, but not external ones. It seems that it may be not even attempting to authenticate.

Any ideas what is wrong?

This is not a bug in SynaMan, but a restriction in Office 365, which does not allow you to change the sender of the email when the message to relayed to an outside domain.

Consider the following example:

• A user john@protectorfire.com.au has an account in SynaMan
• John wants to send a public link to jane@gmail.com
• The generated email will have John as the sender and Jane as the recipient. Since you are using "transfer" as the login id for SMTP Auth, MS Office will not allow you to use John as the sender.

You have two options:

1. Use the 3rd option mentioned here.
2. Use a different SMTP server, perhaps one on your local LAN, which will then send the emails outside. Take a look at Xeams (http://xeams.com). Use its Community Edition, which is free.

That is not the problem I am having. Synaman is not making any attempt to authenticate, as transfer@protectorfire.com.au or anyone else. If it did the login ID and sender name would probably match. I turned off TLS, grabbed packets, and analysed some SMTP transations

Here is a screenshot of a Wireshark capture after clicking "Click here" to send a test message. This worked, even without authentication, because there was no relaying involved.

Here is another capture after a failed atempt to send an "invite users" email. Once again, not AUTH command to be seen. This failed, as relaying without first authenticating is obviously not allowed.

You are correct - authentication is not being sent. I am glad you posted the wireshark screenshots. It appears you are using a firewall (probably Cisco PIX/ASA) that is performing SMTP Fixup. Try Googling "smtp fixup" for details. Two things happen when fixup is enabled:

1. You see bunch of asterisks in the SMTP banner
2. It can disable certain SMTP features. In this case, it has disabled the SMTP AUTH. As a result, authentication is never sent.

See image below.

The result of the EHLO command should include at least two features: AUTH and STARTTLS. Both are missing on your end. Try using port 587 instead and do a similar wireshark trace. It is very likely MS does not allow AUTH without STARTTLS.

Another suggestion is to use Email Sender program from http://xeams.com/email-sender.htm . Download this program in the installation folder of SynaMan and try sending an email to your SMTP server. Send us the logs.

OK, looks like you have nailed the root cause of this problem. There is indeed a Cisco ASA-5508x between the machine hosting Synaman and the outside world. It is indeed mangling SMTP transactions.

Next issue I have is configuring the firewall to leave SMTP alone, disabling this is not obvious. Also not your problem, thanks for narrowign things down so well for me.

OK, after a bit of effort, I was able to disable ESMTP inspection on the Cisco firewall. Unfortunatly, this made little difference. The STARTTLS verb now gets through, and an encrypted session initiates. Assumedly an AUTH verb should have been used within the encrypted channel, but of course it is a little diffcult to tell.

I would lie to have included a screenshot,  however the forum software is bing uncooperative.

When I right click and choose Insert/edit image, I get an empty requster frame. I can paste, but then when I click "post message, I am greeted with  

Mal,

I recommend you use the Email-Sender program (http://xeams.com/email-sender.htm)  I mentioned in my previous post, which will help you troubleshoot this without wireshark. I have a feeling that the AUTH verb is not sent by Microsoft unless encryption is used. Off course, you will not be able to capture encrypted communication in wireshark.

As far as forum posting goes, we only allow hyper links to certain domains. We had a hughproblem related to junk messages on our forum and had to implement certain rules to avoid them. Try copying/pasting the image like you did earlier and make sure the image does not refer to a foreign website.