Pegasus Mail & Mercury

our state offices are requiring our county to send and receive email messages with tls encryption......

we think we have mercury configured correctly and performed a test with the state office of technology..... they reviewed the headers of the messages sent and received between our office and their's....

they are saying that mercury is receiving tls encrypted messages from the state correctly... i can also see that by monitoring the server and i can see the "starttls" command in the status windows.....

 however, they are saying that the messages that we send are not being tls encrypted.... i'm stumped as to why the messages are not being tls encrypted by the server....

 my question is is it the responsibility of the mecury server to tls encrypt the messages that we send and i just have something messed up in the configuration (which i doubt, it was very easy to setup) or is it the responsibility of the email client (outlook or outlook express) to tls encrypt the message before sending it....

any help would be appreciated as they just dumped this on us and want everything running by november 21st..... they have also assumed that all counties are using exchange server which the very small counties are not using do to the cost, so, we are kind of on our own to get this working..

 curt johnson

it consultant

big stone county

The TLS encryption is server to server (the connection is encrypted). Switch on session logging in MercuryE while sending a message to find out exactly what is happening. (Remember to switch it off again, though, as log files will grow very quickly.)

/Rolf 

i have MercuryS installed and also MercuryE..... i never see anything in the MercuryE activity window.... should i only have MercuryE running and not MercuryS?

 

 

 

wait, i take that back.... there is activity in the MercuryE window.... it is just really small...... i'll give your suggestion a try.....

MercuryS is the SMTP server module, used for receiving messages. MercuryE is the SMTP end-to-end client module, used for sending messages. If there never is any activity in MercuryE, could it be that your users send outgoing messages through another SMTP server?

/Rolf 

here is what i logged for a message from a tls enabled mercury server to another tls enabled mercury server.... i should point out that all message sent to a county are run through the state's spam and virus filter before being forwarded to the county's server..... the state claims that is all working correctly....

 

 20:59:53.281: --- Mon Nov 10 20:59:53 2008 ---
20:59:53.281: Connect to '156.99.143.114', timeout 60.
20:59:54.281: >> 220 SMTP Proxy Server Ready<cr><lf>
20:59:54.281: << EHLO mail.verticalsolutions.biz<cr><lf>
20:59:54.312: >> 250-cob-medge-loaner.itg.state.mn.us ESMTP Server Ready<cr><lf>
20:59:54.312: >> 250-SIZE 52428800<cr><lf>
20:59:54.312: >> 250-DSN<cr><lf>
20:59:54.312: >> 250-STARTTLS<cr><lf>
20:59:54.312: >> 250 TLS<cr><lf>
20:59:54.312: << MAIL FROM:<curt@verticalsolutions.biz> SIZE=1457<cr><lf>
20:59:54.359: >> 250 +OK Sender OK<cr><lf>
20:59:54.359: << RCPT TO:<sharon_f@co.big-stone.mn.us><cr><lf>
20:59:54.406: >> 250 +OK Recipient OK<cr><lf>
20:59:54.421: << DATA<cr><lf>
20:59:54.453: >> 354 Start mail input, end with ".<CR><LF>"  <cr><lf>
20:59:54.453: << Received: from Spooler by mail.verticalsolutions.biz (Mercury/32 v4.51) ID MO01DB38;<cr><lf>    10 Nov 2008 20:59:54 -0600<cr><lf>
20:59:54.453: << Received: from spooler by mail.verticalsolutions.biz (Mercury/32 v4.51); 10 Nov 2008 20:59:51 -0600<cr><lf>
20:59:54.453: << Received: from test01 (10.0.80.1) by mail.verticalsolutions.biz (Mercury/32 v4.51) ID MG01DB37;<cr><lf>
20:59:54.453: <<    10 Nov 2008 20:59:49 -0600<cr><lf>
20:59:54.453: << Message-ID: <000d01c943a9$8c135120$0150000a@test01><cr><lf>
20:59:54.453: << From: "curt johnson" <curt@verticalsolutions.biz><cr><lf>
20:59:54.453: << To: <sharon_f@co.big-stone.mn.us><cr><lf>
20:59:54.453: << Subject: one last test message<cr><lf>
20:59:54.453: << Date: Mon, 10 Nov 2008 20:59:43 -0600<cr><lf>
20:59:54.453: << MIME-Version: 1.0<cr><lf>
20:59:54.453: << Content-Type: multipart/alternative;<cr><lf>
20:59:54.453: <<  boundary="----=_NextPart_000_000A_01C94377.41340FF0"<cr><lf>
20:59:54.453: << X-Priority: 3<cr><lf>
20:59:54.453: << X-MSMail-Priority: Normal<cr><lf>
20:59:54.453: << X-Mailer: Microsoft Outlook Express 6.00.2900.3138<cr><lf>
20:59:54.453: << X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138<cr><lf>
20:59:54.453: << <cr><lf>
20:59:54.453: << This is a multi-part message in MIME format.<cr><lf>
20:59:54.453: << <cr><lf>
20:59:54.468: << ------=_NextPart_000_000A_01C94377.41340FF0<cr><lf>
20:59:54.468: << Content-Type: text/plain;<cr><lf>
20:59:54.468: <<  charset="iso-8859-1"<cr><lf>
20:59:54.468: << Content-Transfer-Encoding: quoted-printable<cr><lf>
20:59:54.468: << <cr><lf>
20:59:54.468: << blah, blah, blah<cr><lf>
20:59:54.468: << ------=_NextPart_000_000A_01C94377.41340FF0<cr><lf>
20:59:54.468: << Content-Type: text/html;<cr><lf>
20:59:54.468: <<  charset="iso-8859-1"<cr><lf>
20:59:54.468: << Content-Transfer-Encoding: quoted-printable<cr><lf>
20:59:54.468: << <cr><lf>
20:59:54.468: << <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><cr><lf>
20:59:54.468: << <HTML><HEAD><cr><lf>
20:59:54.468: << <META http-equiv=3DContent-Type content=3D"text/html; =<cr><lf>
20:59:54.468: << charset=3Diso-8859-1"><cr><lf>
20:59:54.468: << <META content=3D"MSHTML 6.00.6000.16608" name=3DGENERATOR><cr><lf>
20:59:54.468: << <STYLE></STYLE><cr><lf>
20:59:54.468: << </HEAD><cr><lf>
20:59:54.468: << <BODY bgColor=3D#ffffff><cr><lf>
20:59:54.468: << <DIV><FONT face=3DArial size=3D2>blah, blah, =<cr><lf>
20:59:54.468: << blah</FONT></DIV></BODY></HTML><cr><lf>
20:59:54.468: << <cr><lf>
20:59:54.468: << ------=_NextPart_000_000A_01C94377.41340FF0--<cr><lf>
20:59:54.468: << <cr><lf>
20:59:54.468: << .<cr><lf>
20:59:55.593: >> 250 +OK Message delivered successfully.<cr><lf>
20:59:55.593: << QUIT<cr><lf>
20:59:55.640: >> 221 Service closing transmission channel closing connection<cr><lf>
20:59:55.640: --- Connection closed normally at Mon Nov 10 20:59:55 2008. ---
20:59:55.640:

Ah, that's true - at present Mercury only supports TLS when using MercuryC (SMTP relay module) for delivery, not MercuryE. Sorry for mixing it up.

/Rolf