Don Posted October 27, 2010 Report Share Posted October 27, 2010 I upgraded my PBXnSIP appliance to the latest version of PBXnSIP (4.2.0.3958) and now I cannot figure out how to configure the settings for GMAIL. I tried the same settings that worked in 3.X but the messages always fail and the pbx reports it but it is not specific in why. Can someone provide an example of a working GMAIL configuration for the appliance in 4.2.0.3958? My old working config looked like this: "From" Address (e.g., "PBX" <pbx@domain.com>): MASTER <someone@gmail.com> Account (e.g., pbx): someone@gmail.com Password (e.g., secret): Password (repeat): SMTP Server (e.g., smtp.domain.com): smtp.gmail.com:587 Thanks in advance. Don Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted October 27, 2010 Report Share Posted October 27, 2010 This is probably because the PBX does not accept the gmail certificate. Either import the certificate or disable the use of TLS for sending emails. Quote Link to comment Share on other sites More sharing options...
Don Posted October 27, 2010 Author Report Share Posted October 27, 2010 This is probably because the PBX does not accept the gmail certificate. Either import the certificate or disable the use of TLS for sending emails. GMAIL requires TLS (Transport Layer Security) so that is not an option. Can you tell me the procedure to import the certificate? Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted October 27, 2010 Report Share Posted October 27, 2010 GMAIL requires TLS (Transport Layer Security) so that is not an option. Can you tell me the procedure to import the certificate? Navigate to the admin/certificates web page import the following certificate as server root CA. Ouch, I tried and it did not take it... Looks like we need to investigate whats going on here. -----BEGIN CERTIFICATE----- MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQG EwJV UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN 1cmUgQ2Vy dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDT E4MDgyMjE2NDE1 MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmY XgxLTArBgNVBAsTJEVx dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhv cml0eTCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0 fCG2RFGiYCh7+2gRvE4RiIcPRfM6f BeC4AfBONOziipUEZKzxa1NfBbPLZ4 C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A cJkVV5MW8Q+XarfCaCMczE1ZM KxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC AwEAAaOCAQkwggEFMHAG A1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ MA4GA1UEChMHRXF 1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm aWNhdGUgQX V0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw ODIyM TY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gjI BBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdE wQF MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3 DQEBBQUA A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJX Rmm/kEd5jhW6Y 7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9 NA2zsmWLIodz2uFHdh 1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee957 0+sB3c4 -----END CERTIFICATE----- Quote Link to comment Share on other sites More sharing options...
Don Posted November 7, 2010 Author Report Share Posted November 7, 2010 Ouch, I tried and it did not take it... Looks like we need to investigate whats going on here. Did you have any luck figuring out why this does not work? GMail is a very popular mail service and I would like to use it to send out notices. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted November 8, 2010 Report Share Posted November 8, 2010 Did you have any luck figuring out why this does not work? GMail is a very popular mail service and I would like to use it to send out notices. We changed something in the code and now (with the newer build) it should work. At least it does work now for me, just tested it. Quote Link to comment Share on other sites More sharing options...
Don Posted November 9, 2010 Author Report Share Posted November 9, 2010 We changed something in the code and now (with the newer build) it should work. At least it does work now for me, just tested it. Where can I get a copy of the "newer" build? Thanks for fixing this bug. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted November 9, 2010 Report Share Posted November 9, 2010 Where can I get a copy of the "newer" build? Thanks for fixing this bug. Plese send an email to support@pbxnsip.com (sorry don't know what the snom email address would be) and indicate what OS you are running. Quote Link to comment Share on other sites More sharing options...
pbx support Posted November 11, 2010 Report Share Posted November 11, 2010 Plese send an email to support@pbxnsip.com (sorry don't know what the snom email address would be) and indicate what OS you are running. Here is the CS410 version with the fix - http://pbxnsip.com/cs410/update-4.2.0.3963.tgz. Please let us know if that takes care of the issue. Quote Link to comment Share on other sites More sharing options...
Don Posted November 12, 2010 Author Report Share Posted November 12, 2010 Here is the CS410 version with the fix - http://pbxnsip.com/cs410/update-4.2.0.3963.tgz.'>http://pbxnsip.com/cs410/update-4.2.0.3963.tgz. Please let us know if that takes care of the issue. This download fixed the issue. I had to remove the final period for it to be downloadable. http://pbxnsip.com/cs410/update-4.2.0.3963.tgz Quote Link to comment Share on other sites More sharing options...
pbx support Posted November 12, 2010 Report Share Posted November 12, 2010 This download fixed the issue. I had to remove the final period for it to be downloadable. http://pbxnsip.com/cs410/update-4.2.0.3963.tgz Thanks for the feedback. Sorry about the dot at the end on the download link. Quote Link to comment Share on other sites More sharing options...
eyeless Posted January 29, 2011 Report Share Posted January 29, 2011 Installed latest SnomOne software on MacMini in late December and I also cannot make email work with any mail server that I try. Now trying with Gmail and get this far: [8] 2011/01/29 16:52:24: DNS: CNAME smtp.gmail.com expired [8] 2011/01/29 16:52:26: Packet authenticated by transport layer [8] 2011/01/29 16:52:51: Last message repeated 14 times [8] 2011/01/29 16:52:51: DNS: AAAA gmail-smtp-msa.l.google.com expired [8] 2011/01/29 16:53:04: Packet authenticated by transport layer [8] 2011/01/29 16:53:52: Last message repeated 17 times [5] 2011/01/29 16:53:52: SMTP: Timeout [8] 2011/01/29 16:53:53: Packet authenticated by transport layer [8] 2011/01/29 16:53:57: DNS: Add CNAME smtp.gmail.com gmail-smtp-msa.l.google.com (ttl=207) [8] 2011/01/29 16:53:57: DNS: Add AAAA gmail-smtp-msa.l.google.com (ttl=60) [8] 2011/01/29 16:53:58: SMTP: Connect to 74.125.39.109:465 [5] 2011/01/29 16:53:58: Could not send 52 bytes [8] 2011/01/29 16:53:58: Packet authenticated by transport layer [8] 2011/01/29 16:54:57: Last message repeated 23 times Version: 2011-4.2.0.3958 (Darwin) Any solution? We really need to get this working ... . All the best, Jerry Quote Link to comment Share on other sites More sharing options...
Don Posted January 29, 2011 Author Report Share Posted January 29, 2011 Did you load the GMail Certificate mentioned in the above messages? You need to go to the top menu Settings -> Certificates -> Main CA Server and load the entire text including the begin and end comments. Then you should see the certificate loaded. Once you do that then the setup is pretty straight forward. Also be sure that you are using the PBXnSIP load that is mentioned int he above text. All you do is replace the PBXCNTRL.EXE file in the PBX directory with the one that you get from that link. Good luck. Quote Link to comment Share on other sites More sharing options...
eyeless Posted January 29, 2011 Report Share Posted January 29, 2011 Did you load the GMail Certificate mentioned in the above messages? You need to go to the top menu Settings -> Certificates -> Main CA Server and load the entire text including the begin and end comments. Then you should see the certificate loaded. Once you do that then the setup is pretty straight forward. Also be sure that you are using the PBXnSIP load that is mentioned int he above text. All you do is replace the PBXCNTRL.EXE file in the PBX directory with the one that you get from that link. Good luck. Ok, so that is the version to run ... . I test this, thanks! /Jerry Quote Link to comment Share on other sites More sharing options...
eyeless Posted January 29, 2011 Report Share Posted January 29, 2011 Ok, so that is the version to run ... . I test this, thanks! /Jerry No, seems like this was not for Mac OS X this updated file (even though it suggested it was Unix-executable ... maybe I had to make it executable?) - replaced it but the server then did not start, so will see if there might be another version available ... . /Jerry Quote Link to comment Share on other sites More sharing options...
eyeless Posted January 30, 2011 Report Share Posted January 30, 2011 Managed to get the certificate into the 3958 version by creating a new XML file based on one of the others - seems to have worked but did not change anything according to logs. It seems they anyway says authentication works, but still it cannot send ... . (Tried to set the new version as executable, but not more willing to run anyway so I guess it is the wrong version.) /J Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted January 30, 2011 Report Share Posted January 30, 2011 This is what I am using: The settings in admin section: And the certificates. The certificate is shown in the post above: Quote Link to comment Share on other sites More sharing options...
Don Posted January 30, 2011 Author Report Share Posted January 30, 2011 I should have mentioned that the link above was for Windows 32 bit only. I don't know if the MAC version has the same bug but the PBXnSIP Appliance did so you will probably need to get a MAC version of PBXCNTRL that is at least the version as the one that is linked above from the PBXnSIP people. Quote Link to comment Share on other sites More sharing options...
eyeless Posted January 30, 2011 Report Share Posted January 30, 2011 This is what I am using: The settings in admin section: And the certificates. The certificate is shown in the post above: Everything here looks exactly the same now (apart from a different Gmail account, that is) and I have no field for Admin e-mail at the end as you have - you must be running some other version of SnomOne .... (than 3958) ? Now I get as far as getting complaint about the certficate - as it could not be added through the web interface, I cut and pasted into a Snom certificate and changed the file name + authority name. Now I get this: [8] 2011/01/30 13:20:09: SMTP: Connect to 74.125.39.109:587 [8] 2011/01/30 13:20:09: Packet authenticated by transport layer [8] 2011/01/30 13:20:09: SMTP: Received 220 mx.google.com ESMTP b7sm7006960faa.18 [8] 2011/01/30 13:20:09: SMTP: Send EHLO localhost [8] 2011/01/30 13:20:09: SMTP: Received 250-mx.google.com at your service, [83.226.202.191] 250-SIZE 35651584 250-8BITMIME 250-STARTTLS 250 ENHANCEDSTATUSCODES [8] 2011/01/30 13:20:09: SMTP: Send STARTTLS [8] 2011/01/30 13:20:09: SMTP: Received 220 2.0.0 Ready to start TLS [8] 2011/01/30 13:20:09: SMTP: Send EHLO localhost [4] 2011/01/30 13:20:09: Certificate for not available [5] 2011/01/30 13:20:09: SMTP: Connection refused on 74.125.39.109:587 [8] 2011/01/30 13:20:10: Packet authenticated by transport layer So probably the certificate is wrong or it is simply not created properly (but when I try and download it and a Snom one, they looks very much the same in TextWrangler (best program on the Mac for looking at various files with text in without changing any encodings)). I went to GMail and thought about downloading the certificate there, but I am not sure which one and if they could be used as they are (seems not so as the Snom certificates are XML files). /Jerry Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted January 30, 2011 Report Share Posted January 30, 2011 [4] 2011/01/30 13:20:09: Certificate for not available That is probably the problem. Not sure why you get "for <empty> not available". Are you using an email proxy or something? If it is not too difficult, can you get a PCAP trace so we can take a look what is going on there? Quote Link to comment Share on other sites More sharing options...
katerina Posted January 31, 2011 Report Share Posted January 31, 2011 Just tested with 3958, it still doesn't work, I get a certificate error: [8] 2011/01/28 20:40:54: SMTP: Connect to 74.125.43.109:587 [8] 2011/01/28 20:40:55: SMTP: Received 220 mx.google.com ESMTP a17sm10280348bku.23 [8] 2011/01/28 20:40:55: SMTP: Send EHLO localhost [8] 2011/01/28 20:40:55: SMTP: Received 250-mx.google.com at your service, [178.15.37.130] 250-SIZE 35651584 250-8BITMIME 250-STARTTLS 250-ENHANCEDSTATUSCODES 250 PIPELINING [8] 2011/01/28 20:40:55: SMTP: Send STARTTLS [8] 2011/01/28 20:40:55: SMTP: Received 220 2.0.0 Ready to start TLS [9] 2011/01/28 20:40:55: SMTP smtp.gmail.com:587: send_client_hello(03014d437027fe28448d8f2fd350bbaa015f8cdaeafbea867b779b561b9111a5ab3e000004000400050100) [8] 2011/01/28 20:40:55: SMTP: Send EHLO localhost [9] 2011/01/28 20:40:55: SMTP smtp.gmail.com:587: process_server_hello(03014d46c547bcaf23b3483a8badd9a5d1ec53b75127e09a9739fa91ff1354fa1b0b20284e5ddeb9c17fd91acb86d9fcc33ea01326038022407d934ad788f6ef572546000400) [9] 2011/01/28 20:40:55: SMTP smtp.gmail.com:587: [284e5dde] process_certificate(00061900035f3082035b308202c4a003020102020a14cb349d00030000128e300d06092a864886f70d01010505003046310b300906035504061302555331133011060355040a130a476f6f676c6520496e633122302006035504031319476f6f676c6520496e7465726e657420417574686f72697479301e170d3130303432323230303234355a170d3131303432323230313234355a3068310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731133011060355040a130a476f6f676c6520496e63311730150603550403130e736d74702e676d61696c2e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100cf8078e8d1b69780640dd71c75d02eb8eb2c438671087a328fe12b76512a66ead50a8190cc09216539331eb98881898ceaba136e417fcc469ad9139ef6ce15a0be0e8149e8c81d2ed4a6f0ac6e4f1c16ec31d934afa8cc9a187e30e445558810ac5c499eef069c78865b842198a572b6ed05725604f85d6038ec79a8881354230203010001a382012c30820128301d0603551d0e04160414b5f8a2a6c1dc6d9292a4260bf0859ceda9ed2eb3301f0603551d23041830168014bfc030ebf543113e67ba9e91fbfc6adae36b1224305b0603551d1f045430523050a04ea04c864a687474703a2f2f7777772e677374617469632e636f6d2f476f6f676c65496e7465726e6574417574686f726974792f476f6f676c65496e7465726e6574417574686f726974792e63726c306606082b06010505070101045a3058305606082b06010505073002864a687474703a2f2f7777772e677374617469632e636f6d2f476f6f676c65496e7465726e6574417574686f726974792f476f6f676c65496e7465726e6574417574686f726974792e637274302106092b060104018237140204141e12005700650062005300650072007600650072300d06092a864886f70d01010505000381810051cdfd636dae700d8de2698374f302f0329bad11a518ca42dbde267e1df20a425a6115a3a1d1504a00ad1722a14d9f6ba05a5210bd03e10c40b4b4b0b42d1b49a495bac7c05b7fc21601bf0b26bbdb889cf54a04a2ca06f022be786a0642e12c674c51f3a2798ceb361fee103c71429f9f7857b6724b375e422f77615df544110002b4308202b030820219a00302010202030b6771300d06092a864886f70d0101050500304e310b30090603550406130255533110300e060355040a130745717569666178312d302b060355040b1324457175696661782053656375726520436572746966696361746520417574686f72697479301e170d3039303630383230343332375a170d3133303630373139343332375a3046310b300906035504061302555331133011060355040a130a476f6f676c6520496e633122302006035504031319476f6f676c6520496e7465726e657420417574686f7269747930819f300d06092a864886f70d010101050003818d0030818902818100c9edb7a48b9c57e7843e407d84f48fd171635399e7797414af44993320928d7be5280cbaad6c497e835f34594e0a7a30cdd0d7c45745edd5aad67326cead3213b8d70f1d3bdfdddc0836a86f51449bcad6205273b72687356adba9e5d459a52bfc671939fa9318186cdedd258a0e331447c2ef015079e4fd69d1a7c0ace2576f0203010001a381a33081a0300e0603551d0f0101ff040403020106301d0603551d0e04160414bfc030ebf543113e67ba9e91fbfc6adae36b1224301f0603551d2304183016801448e668f92bd2b295d747d82320104f3398909fd430120603551d130101ff040830060101ff020100303a0603551d1f04333031302fa02da02b8629687474703a2f2f63726c2e67656f74727573742e636f6d2f63726c732f73656375726563612e63726c300d06092a864886f70d010105050003818100b88a23c64896b1117c60775e059aaba1c6fa821c1807c4eb81b0a866eb49a8e90cd329adf5ef244cfde44bca7f5e63ab9927cb9f36212cb9106067cdd2b4f0f0ab71e58b5a89271184aa8ebf99f09d09210a52199a5a09d290b7fa0cf87e78a2b085af5c4c99d95c5529f9a551422e3acb388c783bcbf8fb9587bcbc90f95032) [4] 2011/01/28 20:40:55: Certificate for not available [9] 2011/01/28 20:40:55: SMTP smtp.gmail.com:587: [284e5dde] send_alert(022b) [9] 2011/01/28 20:40:55: SMTP smtp.gmail.com:587: [284e5dde] process_server_hello_done() [9] 2011/01/28 20:40:55: SMTP smtp.gmail.com:587: [284e5dde] send_alert(0230) [5] 2011/01/28 20:40:55: SMTP: Connection refused on 74.125.43.109:587 Then I updated to 3981 and it worked. (http://pbxnsip.com/download/snomone/pbxctrl-2011-4.2.0.3981.exe) Quote Link to comment Share on other sites More sharing options...
eyeless Posted February 2, 2011 Report Share Posted February 2, 2011 That is probably the problem. Not sure why you get "for <empty> not available". Are you using an email proxy or something? If it is not too difficult, can you get a PCAP trace so we can take a look what is going on there? Well, it might not be ideal to test this as I am controlling the server remotely and we at least once previously had a bit of a problem running Wireshark. But it would be nice if certificates could be imported correctly ... . /Jerry Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.