Hi,
I cannot send emails from Mikrotik anymore. I'm also confused as this worked before upgrading my lab to 6.26. I upgraded from 6.19.

This used to work:
Now only this works:
And this mail is of course marked as spam because no authentication.

I'm also havin problems with email after upgrade to 6.26, until 6.26 everything went well but on this it;s keep saying thatNow i'm back to 6.25 since on the ticket that i have created the support team says that is something wrong with my config/settings..yeah sure on all versions till 6.26 i have no single problem with sending emails through my postfix server and now suddenly i have a bad config.. kind a bad approach

It seems MT have redesigned their SMTP HELO command to issue IPV6 address, but forgot to add "IPV6:" in front of it, thus violated RFC2821 section 4.1.3.

Yes, I get an "invalid TO address" error message on RB750 log, but the reason the email is rejected at mail server is "Helo command rejected: invalid ip address; from=<routeros@site1.example.com> to=<administrator@example.com> proto=ESMTP helo=<[xxxx:xxxx:xxxx:xxxx:0:dc:775e:d0e8]>"

Running ROS 6.27 on RB750


-tadas

Yep.. same behaviour

• Feb 24 15:41:52 debian postfix/smtpd[4115]: Anonymous TLS connection established from unknown[192.168.80.1]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

• Feb 24 15:41:52 debian postfix/smtpd[4115]: NOQUEUE: reject: RCPT from unknown[192.168.80.1]: 554 5.5.2 <[774a:de0:774b:1f0:774b:608:7740:50e8]>: Helo command rejected: invalid ip address; from=<admin@domain.com> to=<mymail@yahoo.com> proto=ESMTP helo=<[774a:de0:774b:1f0:774b:608:7740:50e8]>

• Feb 24 15:41:52 debian postfix/smtpd[4115]: disconnect from unknown[192.168.80.1]

Temporary solution would be to comment outreject_invalid_helo_hostnameinsmtpd_helo_restrictionsin /etc/postfix/main.cf but you should be ready to deal with possibly increased amount of spam.


-tadas

No, this is definitely not a solution..

No, this is definitely not a solution..

Definitely not.

Status update after upgrading to 6.28 - no change, problem still exists.

Here is a full RB log of an email session if your RB email client is configured to use TLS (/tool e-mail set start-tls=yes):

Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 220 mail.example.com NO UCE ESMTP
Apr/22/2015 13:49:38 e-mail,debug EMAIL:send EHLO [192.168.0.1]
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-mail.example.com
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-PIPELINING
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-SIZE 40960000
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-ETRN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-STARTTLS
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-AUTH PLAIN LOGIN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-AUTH=PLAIN LOGIN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-ENHANCEDSTATUSCODES
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-8BITMIME
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250 DSN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: send STARTTLS
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 220 2.0.0 Ready to start TLS
Apr/22/2015 13:49:38 e-mail,debug EMAIL:发送EHLO [xxxx: xxxx:xxxx:xxxx:7757:c608:774d:10e8]
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-mail.example.com
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-PIPELINING
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-SIZE 40960000
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-ETRN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-AUTH PLAIN LOGIN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-AUTH=PLAIN LOGIN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-ENHANCEDSTATUSCODES
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250-8BITMIME
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250 DSN
Apr/22/2015 13:49:38 e-mail,debug EMAIL: send MAIL FROM: <routeros@site1.example.com>
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250 2.1.0 Ok
Apr/22/2015 13:49:38 e-mail,debug EMAIL: send RCPT TO: <administrator@example.com>
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250 2.1.5 Ok
Apr/22/2015 13:49:38 e-mail,debug EMAIL: send DATA
4月/ 22/2015 13:49:38电子邮件、调试电子邮件:recv: 354End data with .
Apr/22/2015 13:49:38 e-mail,debug EMAIL: send .
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 250 2.0.0 Ok: queued as 70DD892A03A
Apr/22/2015 13:49:38 e-mail,debug EMAIL: send QUIT
Apr/22/2015 13:49:38 e-mail,debug EMAIL: recv: 221 2.0.0 Bye

See the difference between the two EHLOs? I do not understand, why it is issued in a such form. It would have been OK just to repeat the first EHLO one more time.

Postfix does not like the second EHLO, because it does not comply with rfc2821 section 4.1.3

One more workaround - do not use TLS

Fixed in 6.29

Version 6.30.1:

Cannot send emails. No errors in Mikrotik log, everything went well, but the email doesn't come to my inbox. Neither on my coorporate exchange, neither personal gmail account.
I also tried without quotation marks, no difference. I tried on x86, rb411 and rb751 with RoS version 6.30.1.