# Using SMTP with Jmail and ASP



## annagel (May 18, 2005)

I have been having a problem trying to send emails with code imbedded in an asp page. The whole problem started when the smtp server we had been using crashed. At this point things where done, though unfortunatly I am not sure what they were because I was not here, to try and fix the problem. Now we have some new servers to use but the email's still fail to be transmitted.

The details.

We are using a component called Jmail to do the sending, I have alse tried using another component CDO that comes with IIS to accomplish the same thing but I get the exact same error.

The first thought that came to my mind was bad link the smtp server is just blocking us. So I set up outlook express on the server to send mail using the same smtp server. Went through no problem at all. The I tries using telnet to connect to the smtp server on port 25 (telnet servername 25). This failled also.

My next step was to take a look at what was going on the network exactly so I installed ethereal to monitor traffic across the systems network card. What I saw was weird. When outlook express sent a message it was sent just as you would expect it to the program connected and sent data to the smtp server in a normal smtp exchange. When I tried to run the code on the webserver or make the telnet connection nothing even makes it down to the network adapter. It is all being stopped somewhere else.

Now about the setup.

I don't have all that much dirrect access to the server unfortunatly but what I know I will tell you. It is running Windows 2000. It is using IIS to serve it's web pages. There is just one network adapter (we thought this night be a problem for a while). There is no firewall running on the webserver itself only on other servers through which the server goes to get on the internet (for a while this felt a lot like a software firewall but no go).

That's all I can think of putting up now but if you want to know something else let me know I will tell you what I know. Any ideas at all anyone has please feel free to let me know. I have been on this for 3 days now and this is just getting to be too much.

Thanks for any help anyone


----------



## AKA Arizona (Jul 22, 2003)

Welcome to TSG Annagel
I am asuming this is an enternal email system (intrAnet) or is this used outside of the office? If its used outside of the office are the needed router ports open. Has the new servers found the router and has the router corectly ID the servers mac address?


----------



## annagel (May 18, 2005)

Yes and no. The server is next door but it is still under our control. Also I am just about positive that it is indeed accepting connections from our server. Like I said when I use outlook express running on the web server it connects to the smtp server and transmits the mail. Using etheral to look at the packets being sent outlook express is definatly connecting to the correct smtp server. Also using ethereal to look at what happens when one of the other apps tries to send data to the server there is no data sent across the network at all. Not even a connection request with no reply.


----------



## AKA Arizona (Jul 22, 2003)

OK what about user permissions? has the new server been setup idetical to the old?


----------



## annagel (May 18, 2005)

I think you may have misunderstood. It was the smtp server that crashed not the web server. This address was changed so I am trying to send via a different smtp server but the webserver is the same machine. There have I am sure been changes unfortunately no one seems to be able to tell me what they were. The best I got was that well someone had been working on it which was not all that helpful. Are there ceratin areas of permission I should be checking out? I am just wondering what kind of setting would allow outlook to send a smtp message but not telnet or components.

thanks
Andrew


----------



## AKA Arizona (Jul 22, 2003)

There are none that I am aware off, I will have to ponder this issue further.


----------



## Rockn (Jul 29, 2001)

annagel said:


> I think you may have misunderstood. It was the smtp server that crashed not the web server. This address was changed so I am trying to send via a different smtp server but the webserver is the same machine. There have I am sure been changes unfortunately no one seems to be able to tell me what they were. The best I got was that well someone had been working on it which was not all that helpful. Are there ceratin areas of permission I should be checking out? I am just wondering what kind of setting would allow outlook to send a smtp message but not telnet or components.
> 
> thanks
> Andrew


WHat is the SMTP server? If it is external to your location this would be an example of open relay and most email servers have this shut down. If you have an internal mail server this may also be the case.


----------



## annagel (May 18, 2005)

The smtp server is running in building next door they are on the same network and I have been told it's been setup to accept connectiions from our web server. This assumption is supported by the fact that using outlook express on the webserver I can send mail through this smtp server. That issue asside nothing but outlook express seems to be allowed by my webserver to even attempt to make a connection to the smtp server. If it were a matter of the smtp server saying no this is not allowed running ethereal I would get packets sent by my web server in an attempt to connect to the smtp server. These would be denied in the event this connection was not allowed but the request packets are not even there. The message is being stopped before it ever gets on the network.


----------



## Rockn (Jul 29, 2001)

I was going to suggest using CDO, but you have already tried that. I am not sure Jmail has the capacity to forward to a server other thna the web server it is sitting on using it's SMTP engine. Look in you jmail.cfg file under the $datapath = '/path/to/jmail/data/';

If the remote server is sending the mail then all of the files have to be on that server.


----------



## annagel (May 18, 2005)

Rockn said:


> I was going to suggest using CDO, but you have already tried that. I am not sure Jmail has the capacity to forward to a server other thna the web server it is sitting on using it's SMTP engine. Look in you jmail.cfg file under the $datapath = '/path/to/jmail/data/';
> 
> If the remote server is sending the mail then all of the files have to be on that server.


It does have that capacity we ran it in that kind of a setup since last August. It's only in the last month that problem started to crop up. This was all spurred on by someone hacking into the original SMTP server. As a result they gave us a new address to use and things haven't been working since then. What would I be looking for in the jmail.cfg file? I am not at the server itself and getting access is a fun little adventure that usualy takes me all day just wanted to know what to look for when I get up there.

thanks
Andrew


----------



## annagel (May 18, 2005)

Probably should have speicified this to begin with. The Jmail I am using is located here http://www.dimac.net/ It's a asp component installed on the server. I think that was a point of confusion (I did a google on jmail.cfg and the only reference I got refered to something else)


----------



## Rockn (Jul 29, 2001)

annagel said:


> It does have that capacity we ran it in that kind of a setup since last August. It's only in the last month that problem started to crop up. This was all spurred on by someone hacking into the original SMTP server. As a result they gave us a new address to use and things haven't been working since then. What would I be looking for in the jmail.cfg file? I am not at the server itself and getting access is a fun little adventure that usualy takes me all day just wanted to know what to look for when I get up there.
> 
> thanks
> Andrew


Is that new address protected by a firewall? I have arule set up on my firewall that will only allow SMTP to send from my mail server ONLY and if a virus or any other SMTP tries to send from inside the LAN it gets blocked. I would check firewalls first. You have to ask yourself what has changed when this stopped working. 
Look in your web page coding where the JMail component is called, there should be a address like something.yourdomain.com or an IP address that is used point it at the correct server.


----------



## annagel (May 18, 2005)

Rockn said:


> Is that new address protected by a firewall? I have arule set up on my firewall that will only allow SMTP to send from my mail server ONLY and if a virus or any other SMTP tries to send from inside the LAN it gets blocked. I would check firewalls first. You have to ask yourself what has changed when this stopped working.
> Look in your web page coding where the JMail component is called, there should be a address like something.yourdomain.com or an IP address that is used point it at the correct server.


I would also check firewalls first and I did. Two possibilities firewall external to the web server or the smtp server, or a firewall on one of those servers. There is no firewall running on the webserver itself. There is a firewall between the two servers it is set to allow for access. This is working since express can send a smtp message from the web server to the smtp server. There is still the possibility that for some reason there is a firewall that restricts incoming connections to connections that originate only from certain ports. So if a server tries to make a connection to port 25 on the smtp server it only accepts if the orriginating port was 1134 or something. While it is possible something like this could cause the problem. The ethereal logs of activity don't support that kind of a hypothesis. In that event or any event in which something outside the webserver caused the problem ethereal would log the packet sent by the webserver to attempt to open a tcp connection on the smtp server. No such packet is ever sent.

When the Jmail component, telnet, or CDO try to make a conection to the smtp server on port 25 that connection is blocked before it ever makes it to the ethernet card. As a counterexample regular telnet connections which connect on port 23 are not allowed by the smtp server. If I attemtp to make a connection like this etherreal logs show an outbound packet from the webserver's ip to the smtp servers ip destined for port 23. There is no response to this connection request but the connection request still shows up. This is not that case for an attempted connct on port 25. In this case no connection request is present in the ethereal log indicating the connection was stopped by the webserver at some point before it gets to the NIC. All of this seems to support the idea that a software firewall on the web server is stopping these connections. However no such firewall exists.


----------



## Rockn (Jul 29, 2001)

If this is an IIS web server try disabling it's SMTP service if it is not already. YOu may also want to try your component on a Win2K or XP PC running IIS on there with the Jmail component on there. If it works from there it is definately the server causing the problem and if not it is still something between the other server you are trying to forward SMTP requests to.


----------



## annagel (May 18, 2005)

Rockn said:


> If this is an IIS web server try disabling it's SMTP service if it is not already. YOu may also want to try your component on a Win2K or XP PC running IIS on there with the Jmail component on there. If it works from there it is definately the server causing the problem and if not it is still something between the other server you are trying to forward SMTP requests to.


The SMTP service should be disabled it always had been, but in thinking about it the guy who runs the server had tried setting up some smtp services on the computer when the problem cropped up with the original smtp server. He had downloaded some server and had it runnig but not right it could not activate correctly. I wonder if maybe he had something else activated. I will have to look into it in the morning.

I have tried connecting with telnet from other machines but not yet with the Jmail component. Not a bad idea to do it now though since I have to set up a testing server for another project I am going to be working on.

Well at least I have a couple things to check out tomorrow. I will post back with my results.

thanks
Andrew


----------



## annagel (May 18, 2005)

Checked it all out. There are no other SMTP servers running on the webserver. Also I got another server up and running with Jmail installed worked the first time I ran it. So no go there also. Looks like Jmail works fine with our current network setup and the default SMTP service is not running on the web server so that is not stopping anything.

Any other ideas?

thanks
Andrew


----------



## Rockn (Jul 29, 2001)

So it works on the new server without the SMTP service running, but not on your production server?


----------



## annagel (May 18, 2005)

Rockn said:


> So it works on the new server without the SMTP service running, but not on your production server?


You got it.


----------



## Rockn (Jul 29, 2001)

Perhaps there are services running on the production server that are not legit (Trojans payload includes an SMTP engine) Can you post a list of processes that are running on the production server? Something on that server is keeping it from using the SMTP on your other server...this is bugging me...LOL


----------



## annagel (May 18, 2005)

Rockn said:


> Perhaps there are services running on the production server that are not legit (Trojans payload includes an SMTP engine) Can you post a list of processes that are running on the production server? Something on that server is keeping it from using the SMTP on your other server...this is bugging me...LOL


It's bugging the hell out of me to. So you are not alone there.

Here are images of all processes running as well as all services running at this time.

Processes
http://www.dot.state.ri.us/images/debug/p1.bmp 
http://www.dot.state.ri.us/images/debug/p2.bmp 
http://www.dot.state.ri.us/images/debug/p3.bmp

Services
http://www.dot.state.ri.us/images/debug/s1.bmp 
http://www.dot.state.ri.us/images/debug/s2.bmp

thanks
Andrew


----------



## Rockn (Jul 29, 2001)

Was all of the McAfee stuff on there when the server was previously working? Were any Windows updates done recently like the IIS lockdown tool? Some service or process has changed since the problems started. I would personally never run any of that stuff on the server unless it is absolutely necessary for security and you have nothing external to the server protecting it. Try stopping services like McAfee and see if it works. Stop anything that is not crucial to the server and it's role on your network and see if you can send then.


----------



## annagel (May 18, 2005)

Rockn said:


> Was all of the McAfee stuff on there when the server was previously working? Were any Windows updates done recently like the IIS lockdown tool? Some service or process has changed since the problems started. I would personally never run any of that stuff on the server unless it is absolutely necessary for security and you have nothing external to the server protecting it. Try stopping services like McAfee and see if it works. Stop anything that is not crucial to the server and it's role on your network and see if you can send then.


The problem with all that is that I don't have control over this server. Like I set this thing up last summer left for the fall/winter/spring and now I am back and who knows what people have done in the time since I was here last. Shutting stuff down piecmeal is definatly the next step, but I have to wait to see if the people actually running the server can do anything about it. Whole big pain in the *** is what it really is lol. Anyway thanks a lot for the help. I will probably give them till after the weekend before I sneak in and start hacking away at the running proccesses but I will post back how it all works out.

Andrew


----------



## annagel (May 18, 2005)

Turns out I was looking way too deeply into things. The problem was indeed the virus scan which also had bundled with it a small software firewall I guess that Admin was not aware of the firewalls existance. I ended up just watching the CPU usage when I tried to access the email page. I would get activity from DLLHOST.EXE, IEXPLORER.EXE, and one of the virus scan processes. I knew what the first two were doing once I saw the third it was just a matter of tracking down the firewall that wasn't there. Thanks for the help, I wish the problem would have had a better cause than miscomunication, but hey it's fixed.

Andrew


----------

