After my last certificate update, I noticed I was no longer able to send mail, although I could still receive mail perfectly.
In my mercuryS logs I am getting the following error...

17:09:13.477: --- 24 Jan 2024, 17:09:13.477 ---
17:09:13.477: Accepted connection from '89.240.5.180', port 587, timeout 30 secs.
17:09:13.477: Connection from 89.240.5.180, Wed Jan 24, 17:09:13
17:09:13.477: << 220 smtp.aviandirectory.uk ESMTP server ready.<cr><lf>
17:09:13.481: >> EHLO www.aviandirectory.uk<cr><lf>
17:09:13.481: << 250-smtp.aviandirectory.uk Hello www.aviandirectory.uk; ESMTPs are:<cr><lf>
17:09:13.481: << 250-TIME<cr><lf>
17:09:13.481: << 250-SIZE<cr><lf>
17:09:13.481: << 250-STARTTLS<cr><lf>
17:09:13.481: << 250 HELP<cr><lf>
17:09:13.525: >> STARTTLS<cr><lf>
17:09:13.525: << 220 OK, begin SSL/TLS negotiation now.<cr><lf>
17:09:13.790: [!] OpenSSL reported error -1/1 during handshake - diagnostics follow:
17:09:13.790: [!] -------------------------------------------------------------------------
17:09:13.790: [!] error:1417A0C1SL routines:tls_post_process_client_hello:no shared cipher
17:09:13.790: [!] -------------------------------------------------------------------------
17:09:13.790: --- Connection closed at 24 Jan 2024, 17:09:13.790. ---
17:09:13.790:

I reinstalled Certbot because I could not figure out why I was suddenly getting this error, it is not an error I have ever had before. Any tips on how to fix this would be greatly appreciated. Thanks

In a few days our Mail Hoster (IONOS Germany) intends to activate further restriction for mail submissions.
For all submitted mails the mail sender domain has to match the mail domain of the user who submits the mail, where "user" means the user name (email address) for authentication the mail submission attempt.

All of our 20 users submit their mails with personal sender addresses to MercuryS, and Mercury C is submitting all of them to the mail provider via the one and only MercuryC user credentials. But all personal email addresses have the same mail domain like the "submitting user" defined in MercuryC. Should work.

So far so good. But in case I've set some Mercury filters where certain incoming external mails will be directly forwarded to the internet again (bouncing), the sender address will not be replaced by a local mail address. And this will lead to a refuse of that mail submission.

Hello All,

considering switching from Squirrelmail to roundcube.

Running roundcube for a different install I know that I can create folders-in-folders with roundcube.
Situation: Mercury with Pegasus integration mailboxes are containing folder-in-folder folders. Squirrelmail will recognize and handles those automatically without problem.

Question: does roundcube do the same ?
Or does roundcube only recognize folder-in-folder when these folders are created by roundcube?

If one of you could give me an answer, I would appreciate.
Thank you

Johannes

Hello Fello Mercurians,

I like automation, for what else do we have computers!

Assuming some people, like me, could use a little advise to automate the renewal of the Certificate process for Mercury, I had created a batchfile which will renew the Certificate using , copy and rename the files to be able to use by Mercury and run it at a certain time using the Task Schedule.
There is also Apache involved, as I am running Roundcube for my IMAP connections. In my case I am using the standalone version and therefore I need to shut down Apache to have port 80 or 443 free to use by Certbot spinning up a small webserver.

And I just did a succssfull run.

Certbot located at c:\certbot
Mercury located at d:\mercury

Here we go:
create a batchfile and call it by Task Schedule with elevated user rights.

First: stop Apache service: net stop apache2.4

Second: start the Certbot renewal process:
cd to certbot\bin and call certbot renew
which will renew one or all certificates which are close to expire.

Third: start Apache service: net start apache2.4

Fourth: copy the files needed by Mercury TO Mercury and rename them at the same time.
Files needed are: c:\certbot\live\domain\fullchain.pem and c:\certbot\live\domain\privkey.pem
To make this happen we use xcopy
xcopy c:\certbot\live\domain\fullchain.pem d:\mercury\mercury.pem /y
xcopy c:\certbot\live\domain\privkey.pem d:\mercury\mercury.prk.pem /y
The /y switch is set to quitely overwrite the files after the first renewal.

Comments: Name of Apache service my differ.
IMPORTANT Note: do not rename the files in the original certbot folder as the renewal process is looking for the original file names. If you want NOT to move the files to d:\mercury and keep them in the original file location, that will propably work, but I have not tested it. I like to keep things clean and seperate.

The full batch file will look like this. You can add comments as you wish.

@ECHO OFF
::
:: stop apache 
net stop apache2.4

:: start renewal process of all certbot certificates
:: cd to certbot.exe

cd certbot\bin
certbot renew 

:: start apache
net start apache2.4

:: copy certificate from your domain for mercury. Files to copy & rename
:: are fullchain.pem > mercury.pem ; privky.pem > mercury.prk.pem
:: use xcopy to overwrite file quietly  /y 
:: rename is not possible as certbot is looking for the original filenames
xcopy c:\certbot\live\domain.com\privkey.pem d:\mercury\mercury.prk.pem /y
xcopy c:\certbot\live\domain.com\fullchain.pem d:\mercury\mercury.pem /y

exit

The only manual change is to set a new date in Task Schedule for the next renewal.

This is very basic and I am sure there maybe other ways. Maybe we can add them and make it better?

Enjoy!

Johannes

Will DKIM be implemented in future versions of Mercury?

I have SPF and DMARC setup for my domain but after having to help a client recently with DKIM setup in GoDaddy for their Office 365 mail it got me wondering about DKIM support in Mercury.

Dear helpful members,

After years of running Pegasus mail without issues, a problem with receiving new mail has arisen and I hope someone can help me.
Upon start-up the Pegasus mail “you have new” mail pop-up banner appears (as normal) and may repeat many times if there is a lot of mail to download (as normal); however, no new mail appears in my inbox. I tried upgrading from version 4.80 to the new 4.81 Beta, but that did not solve the problem. However, if I shut down Pegasus mail and then re-start Pegasus the new mail now appears (under my red "is urgent” mail). Another new problem that seems to have occurred simultaneously with the above problem is that Pegasus mail very often will not close normally anymore. I must use Task Manager to force Pegasus to shut down.
Hopefully you may know a fix without a complete re-install? However, if I do need to do a uninstall /fresh install to solve this problem how can I make sure that my past inbox /outbox and all my folders will be brought back into the program normally, without losing emails or setting preferences?

Thank you in advance for your help!
Kind Regards, jacobsfw
November 16, 2023

The mobile versions of Microsoft Outlook have broken support for using STARTTLS during an IMAP connection. After sending the first STARTTLS command and receiving a reply, they send a second, spurious STARTTLS command. This gets misinterpreted as a bizzare, implausibly high TLS version by OpenSSL, which causes it to cut the connection. Outlook then reports an alleged "certificate error".

Outlook Mobile is still able to connect using the legacy port which uses TLS from the beginning. However, if you connect to the normal port, if it detects STARTTLS support it will attempt to use it even if you attempt to configure it not to.

There's a Python mail suite called Twisted that includes an IMAP server implementation and TLS implementation in pure-ish Python. I was able to build a toy server and patch it so that if received a TLS version of 63.48 (for example), instead of immediately disconnecting it tried to reinterpret that packet as a cleartext IMAP command and, if it was STARTTLS, send another affirmative reply and restart TLS from there. With this patch, Thunderbird, Outlook desktop, Outlook mobile, and Twisted's client libraries were all able to connect and run without issue.

I know this is awful, that OpenSSL goes out of its way to make it hard to support this -- and with good reason -- and that Microsoft should fix their application to comply with the IMAP specification. However, I've reported this problem to them several times and they won't fix it. There is no MercuryI Events support in the DDK (and its internals are specifically and explicitly not documented, unlike most of the rest of Mercury) so I can't fix this on my end; if I'm to get this to work, I'll need it in Mercury itself.

(I'm posting this here because the Feature Suggestions forum doesn't allow new topics, I don't think this is within the scope of a technical support incident, and Mercury's licensing system is down anyway so I couldn't file one even if I was wrong.)

We almost exclusively use Thunderbird as IMAP client here. It works very well and fast with the Mercury IMAP server.
However, we noticed one thing ... In TB we always move edited/read emails to other mail subfolders, so that the inbox folder remains clear.
But if you switch back to Pmail in between, there is a completely different, higher number of mails in the inbox folder. I.e. there are sometimes quite a lot of mails still in the inbox folder, which have long been moved to other subfolders in TB. The moved mails also arrive in the subfolders and are also visible there in Pmail.

Moving mails is also not accompanied by any error message. A consistency check of the individual mail folders in Pmail also shows that everything is fine.

Furthermore, we can also access our mailboxes using Roundcube IMAP web client. There I can at least see that the affected emails have already been marked as "deleted" (disabled). So to me it looks like mails are copied to the subfolders, but then only marked as "deleted" in the inbox folder.

Is there a "timer" somewhere when mails marked as "deleted" are finally deleted?

We recently set up a new installation and when I enumerate a list it will run once but subsequent attempts fail with the following errors.

The core process window shows “* Transient error - job deferred for later processing.”

The mercury system messages window shows “Core: Error getting mailbox information for MercAdm”

MercAdm is an alias with the mercury software that point to an email address that is valid.

Hi, first I have read through a bunch of posts looking for answers on here but nothing really relates to my issues I am having as such.
I will first explain my setup then explain what I have tried.

My router (192.168.1.1) which is forwarding all traffic to my computer (192.168.1.2). Ports opened for the mail server are 25, 143, 587, 465 and all point to 192.168.1.2 which is my only computer, nothing else connected to my router.
Windows Firewall disabled, no other firewall or antivirus (fresh OS install) and I am using windows 11 Pro.

My ISP is talktalkbusiness and to connect to their smtp servers I use port 25 strait connection plain text and not secure. I use my username and password they provided for me.

The smart host name I use is smtp.talktalkbusiness.net

it was all working fine for years and I changed nothing but a few weeks ago connections began to be refused or timed out when connecting to my ISP's server. The message I was getting was Error FF queue job.

The log files really told me nothing apart from conenction timed out. I have been in contact my with ISP and they say over n over n over again it is my end not theirs.

I can not really find a realistic step by step guide on how to properly configure Mercury Mail but I did have it working fine before despite changing nothing.

Under Protocol Modules I have the options ticked as follows...

MercuryS
MercuryP
MercuryC
MercuryD
MercuryI

My PHP.INI file has

[mail function]
; For Win32 only.
;
SMTP=localhost
; http://php.net/smtp-port
smtp_port=25

;extension=imap
[imap]
;imap.enable_insecure_rsh=0

It doesnt send or receive anything at all, it ignores emails created through my site and ignores emails created from the GUI send mail feature.

There are too many windows with settings to list here in one go but I am happy to do my best to provide details if needed. I'd appreciate any help to get this working. thanks

AFAIK the auto-reply (e.g. out-of-office notification) functionality of Mercury could only be controlled by Pegasus which is adapting and changing the file extension of the "areply" file.

In the meantime more and more colleagues retire Pmail and replace it by Thunderbird which is collaborating great with Mercury.

But a simple adjustment of Mercury's auto-reply function by another Mail client is missing.
Either we have to keep installed another Pmail installation, only started for switching the areply function, or we have to edit the areply file manually. But we don't want to grant every user full write access to its mailbox directory.

Are there any other solution in place?

I have not been able to send emails from Win-Pm to my Spectrum account since July 20th using Win-Pm .. I can still receive and download messages as normal. Accd to the error message log the email address I used for authentication is not the same as the address I've sent from. I've redacted my addresses in the log below, but they are the same. Also I can send email using an identical profile from my iphone or using the web-mail site. The problem occurs ONLY with Pegasus (both 4.8 and 4.81).

12:31:58.786: --- 30 Jul 2023, 12:31:58.786 ---
12:31:58.786: Connect to 'smtp-server.carolina.rr.com', timeout 30 seconds, flags 16842753.
12:32:00.005: >> 220 p-impout006.msg.pkvw.co.charter.net cmsmtp ESMTP server ready
12:32:00.005: << EHLO [192.168.1.19]
12:32:00.070: >> 250-p-impout006.msg.pkvw.co.charter.net hello [75.176.152.186], pleased to meet you
12:32:00.070: >> 250-AUTH LOGIN PLAIN
12:32:00.070: >> 250-SIZE 30000000
12:32:00.070: >> 250-ENHANCEDSTATUSCODES
12:32:00.070: >> 250-8BITMIME
12:32:00.070: >> 250-STARTTLS
12:32:00.070: >> 250 OK
12:32:00.077: << MAIL FROM: SIZE=2244
12:32:01.080: >> 550 5.1.0 XXX@sc.rr.com sender rejected. The email address you are sending as must match the email address you used to auth. Please check your SMTP settings. AUP#Out-1500

Hi,
I have set mercury to save PDF-attachments from e-mails. Now Mercury should "Highlight" this e-mail in colour red. Unfortunately, the function is not executed.

If I use the Filter-action "Add a header to the message" (X-PMFLAGS: 128 1), the e-mail is displayed in red, but unfortunately the formatting does not fit for some emails.
Is there a way to insert X-PMFLAGS: without formatting the email?

Since the last MS updates of April, which we've installed on our MS Server 2016 on weekend, Mercury GUI has been terminated automatically different times.

No any error messages found, neither in Mercury logs nor Windows event logs. Has anybody an idea?

The Mercury service will be started on each server restart. And on next opportunity we quit the service and start the Mercury GUI manually to permanently see the Mercury "dashboard" on the server desktop. This worked for years.

Our organisation has recently migrated to Microsoft 365. Since then I have been unable to access emails using Pegasus.

Instructions were sent that as yet do not include Pegasus, but do include Thunderbird.

Here are the settings for Thunderbird.

I have noted that there is an option in Thunderbird to use Oauth2 as a method of authentication. This option is not available in Pegasus. I noted and found the option for gmail when setting up a new account but this does not work for my usual email address.

In addition I did find the settings provided by the Kansas State University to access emails using Microsoft 365, no mention was made of Oauth2 and these settings did not work.

I was successful in accessing my yahoo domain email address by following the instructions provided by Yahoo. It gives an option of using Pegasus as a third party app and provides a one time password.

Any solutions would be very much appreciated. I have been using Pegasus since the 1990’s, and continue to appreciate it.

Thank you.

I have setup a moderated mailing list in Mercury 4.91 with 2 moderators. Listmembers are able to send to the list and should get their own replies. I just tested the list with my member address and Mercury started working the list. And than came the strange and buggy part: The sender was not my member address The From address was formed of the 2 moderators email address. It created a total mess.

MercuryE log:
T 20230424 212520 64473626 Begin processing job MO000016 from address1@sasktel.net address2@yorktondigital.ca
T 20230424 212523 64473626 Established ESMTP connection to 69.49.101.234
T 20230424 212523 64473626 MAIL FROM:<address1@sasktel.net address2@yorktondigital.ca> SIZE=1368
E 20230424 212523 64473626 553 5.1.3 <address1@sasktel.net address2@yorktondigital.ca>... Invalid route address
T 20230424 212523 64473626 Connection closed normally.

I can't see any wrong settings in my list configuration which could cause such behavior. I have 2 lists with 130/150 users.
Years ago with Mercury 4.01 I did not have such problem.

Any pointers would be appreciated.

Johannes

We have setup mercury to receive emails by SMTP and then distribute the emails to POP3 mailboxes.

However, I don't seem to be able to find an option to tell mercury what domains to accept emails on and which to reject.

I've found the global filtering rules for distribution, but the only way I can find to receive emails is to untick this option "do not permit SMTP relaying of non-local mail" - however when I do this, although I do receive emails, my IP address is then advertising as an open smtp-relay when I run an SMTP check on the IP at mxtoolbox.com website.

Hopefully I am missing something here, and hoping someone can point me in the right direction.

Hopefully once this is all sorted, I can then purchase a licence to help support the development of the product.

Thanks,
Phil

Mercury/32 ver 4.9

Hi all,
why do I receive the same message inbox more than one, sometimes there can be up to 4 copies in the inbox. This happens when a non-local sender sends a message to more than one email address (to, cc).

Outlook view

Mail folder view

Thanks

That I have now successfully TLS working with Mercury, I am wondering how to improve the cypher list Mercury is using. As I have not found any settings in this regard, is there some way ? And if, where and/or what has to be done ?

Any pointers very much appreciated.
Thank you

Johannes

I have installed 2 Mercury Servers for testing purposes.

I tried tend a batch of 5 messages, using MercuryE on sender and MercuryS on receiver, and SSL on both (self-signed certificates)

Messages 0 1 2 4 arrived

Message 3 failed with "8: Socket read timeout" appearing in the log

That is the best characterization I got

On the Receiver's side, (MercuryS)

The lo is:

08:36:33.401: << 220 OK, begin SSL/TLS negotiation now.<cr><lf>
08:36:33.591: [] SSL/TLS session established
08:36:33.591: [] TLS_AES_256_GCM_SHA384, TLSv1.3, Kx=any, Au=any, Enc=AESGCM(256), Mac=AEAD<lf>
08:36:33.592: [] No peer certificate presented.
08:37:03.857: 8: Socket read timeout
08:37:03.858: >>
08:37:03.872: [] OpenSSL secure session normally terminated.
08:37:03.873: --- Connection closed at 27 Mar 2023, 8:37:03.873. ---
08:37:03.874:

What should I do