Author Topic: Sanity Check Please - Outgoing SMTP  (Read 1041 times)

kevtcg

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Sanity Check Please - Outgoing SMTP
« on: May 09, 2016, 03:44:07 am »
Hi All

I have set up Zentyal and Have it all working great. I am having an issue with sending email out. My understanding was that Any Authenticated User could use the SMTP server (Obviously with Authentication set in their mail client)

However I cannot send out email unless I create an SMTP Relay filter for the Machine they're using. This is fine for Static Desktops etc but does not seem practical for iPhones/Android Phones/Home PC's etc.

Am I correct in my understanding that Authenticated Users should be able to relay out SMTP Messages? Or Have I missed something.

Any Help would be appreciated.

Oh and the client s do not wish to use Activesync/Exchange type messaging yet, just POP/IMAP/SPOP/SIMAP.

Kev

trysomething

  • Zen Warrior
  • ***
  • Posts: 119
  • Karma: +5/-0
  • Founder of The Tiki Lab
    • View Profile
    • The Tiki Lab | Bridging the gap between technology and vision impairment!
Re: Sanity Check Please - Outgoing SMTP
« Reply #1 on: June 09, 2016, 12:52:40 am »
OK, so there's a whole bunch of stuff you didn't get told properly, that being said it's likely a simple solution.
First of all are you using Zentyal as a Gateway and Email server?  because that's actually not supposed to be a thing and it's probably 99% of your problem there.
Second have you read the part about installing the Root CA certificate on clients that are not joined to the domain?
There are 3 different scenarios in the Wiki that go over connecting clients, but first of all if you go into https://yourzentyaldomain/webmail, login and send a test message to a Google, Hotmail or Yahoo email address does it go through?  If so cool you have port 25, if not call your ISP and ask if port 25 is blocked or not, if it's blocked then you've got a whole lot of thinking to do.
BBeyond that if you are going to use the self signed certificate then on a Windows machine with Outlook you'll need to go into your Zentyal admin GUI and browse to Mail > Openchange and then click the download the certificate file.  Once you have the file then you'll have to install the cert into your Trusted Root Certificates folder (which is not how it works automatically).  Once that's done your Outlook should work fine for machines inside and outside of the LAN that are not joined to the domain.
The same goes for mobile devices, but you'll have to find out what format you can install the certificate to the device.
OR you can go buy a 3rd party UCC/SAN cert that covers:
yourhostname.yourdomain.com
autodiscover.yourdomain.com
yourdomain.com
and if you're going to do web hosting throw in www.yourdomain.com - Comodo has one that's like $50/year so it's worth it.  I wrote a tutorial on how to install 3rd party SSL and it works like a champ.
There's also the distinct possibility that you've entered all of the necessary DNS records into Zentyal, but not your external DNS - which you'll need to put any SPF, SRV and other pointers into your external DNS host too.
Anyways there's a quick getting started guid for you, those are the most likely culprits.  If none of that works drop an update in here and we'll get things narrowed down for you.
You will have to excuse my posts not having actual links in them.  I'm blind and can never find that insert hyperlink button LoL.  If you, or someone you know has vision problems check out The Tiki Lab.