/dev/random

Generating Randomness Since the Epoch

Bug in Nokia E61i SMTP Client Software

with 18 comments

I was troubleshooting a strange problem recently. A brand new Nokia E61i smartphone could receive but not send any e-mail. The server configuration has not changed and other mail clients are working fine, so it must be the server.

It is very basic and straightforward configuration – a FreeBSD server running Qmail with SPAMCONTROL patch as SMTP server and BincIMAP as IMAP4 server. This configuration worked perfectly until the client asked to add this shiny new Nokia phone to the mix.

Receiving e-mail via IMAP4 did not pose any problems – it just worked (sans the self-signed SSL certificate which I figured out later) but sending mail via SMTP protocol just did not work at all.

The server requires SSL-encrypted connection and successful SMTP authentication before allowing relaying mail to non-local recipients. My initial thought was that perhaps it was due some mismatch in supported encryption algorithms (SHA vs DES vs 3DES, that type of thing). After tweaking the settings a lot on the server side, and even completely disabling SSL encryption altogether I realized it is not the culprit here.

So I have enabled verbose SMTP protocol logging and this is what I saw:

2007-08-16_12:04:16.53449 53365 > 220 server.example.com ESMTP
2007-08-16_12:04:16.55913 53365 < EHLO [xx.xx.xx.198]
2007-08-16_12:04:16.55935 53365 > 250-server.example.com
2007-08-16_12:04:16.55940 53365 > 250-PIPELINING
2007-08-16_12:04:16.55949 53365 > 250-8BITMIME
2007-08-16_12:04:16.55957 53365 > 250-SIZE 0
2007-08-16_12:04:16.55966 53365 > 250 AUTH LOGIN PLAIN
2007-08-16_12:04:16.58764 53365 < AUTH LOGIN
[SMTP authentication details snipped]
2007-08-16_12:04:16.60694 Accept::ORIG::Valid_Auth: P:EMSTPA
S:xx.xx.xx.198:unknown H:[xx.xx.xx.198] 'login' ?= 'valid_user'
2007-08-16_12:04:16.60707 53365 > 235 ok, go ahead (#2.0.0)

As you see from this log excerpt, an SMTP session has been successfully established, SMTP client has successfully authenticated to the server and the server now ready start accepting e-mails from this client.

Everything looks perfect up to this point – see what happens next:

2007-08-16_12:04:16.76834 53365 < RSET
2007-08-16_12:04:16.76857 53365 > 250 flushed

What on Earth the developers have been smoking? Why reset an SMTP connection right after the authentication? Have they read RFC-822 yet?

So, let us continue with our example:

2007-08-16_12:04:16.77749 53365 < MAIL FROM:<valid_user@example.com>
2007-08-16_12:04:16.77787 53365 > 250 ok
2007-08-16_12:04:16.82899 53365 < RCPT TO:<someone@example.org>
2007-08-16_12:04:16.82908 Reject::ORIG::Missing_Auth: P:ESMTPA
S:xx.xx.xx.198:unknown H:[xx.xx.xx.198]
F:valid_user@example.com T:someone@example.org
2007-08-16_12:04:16.82922 53365 > 535 authentication required (#5.7.1)

Of course – authentication is indeed required to send e-mail to external recipients (otherwise it would simply be an open relay). No wonder the SMTP server (rightfully!) rejects the attempt and closes the connection:

2007-08-16_12:04:16.85379 53365 < QUIT
2007-08-16_12:04:16.85433 53365 > 221 server.example.com
2007-08-16_12:04:16.85445 53365 > [EOF]

Luckily, Qmail is an open-source software, so I was able to make a trivial modification in the qmail-smtpd.c sources:

--- qmail-smtpd.c.bak   Fri Aug 24 20:32:39 2007
+++ qmail-smtpd.c Thu Aug 16 16:18:50 2007
@@ -784,7 +784,7 @@
}
void smtp_rset()
{
- seenmail = 0; rcptcount = 0; seenauth = 0; seenttls = 0;
+ seenmail = 0; rcptcount = 0; /* seenauth = 0; seenttls = 0; */
mailfrom.len = 0; rcptto.len = 0; tlsinfo.len = 0;
out("250 flushed\r\n");
}

This is essentially makes RSET command a no-op when it comes to SMTP authentication.This solved the problem for me – my client is now able to send e-mail messages in addition to just receiving them.

Still – bad developer, no cookie…

Written by Sergei Kolobov

August 24, 2007 at 21:00

Posted in Bug, Mail, Software

18 Responses

Subscribe to comments with RSS.

  1. More than one year later, the bug isn’t fixed and can be found in the newest phones, too. (At least in the E71, version 100-07-76).

    If you have Postfix (V2.3.8) instead of Qmail, you can do a similar workaround. Please comment out line 2832 in file:
    src/smtpd/smtpd.c

    So it should look like:
    /*
    * Restore state to right after HELO/EHLO command.
    */
    chat_reset(state, var_smtpd_hist_thrsh);
    //mail_reset(state); ****COMMENT OUT THIS LINE****
    rcpt_reset(state);
    smtpd_chat_reply(state, “250 2.0.0 Ok”);
    return (0);

    Kreye

    November 8, 2008 at 01:30

  2. I sent this to the customer care centre here in Germany – got a reply that they have forwarded it to the software department. Sounded a bit like a standard message.

    I’m sure that the developers will be interested in this, the bug is simple and it should be easy to solve it. But I don’t know how to get the information to them.

    If anybody else would like to send the bug to Nokia, here comes the short description:

    ====================
    While sending out an Email, the E71 initially authenticates itself correctly to the mail server. But then it resets the authentication, and so the Email isn’t accepted.

    Here is a (simplified) recording of the communication between the E71 and an email server:

    01 Server: 220 server.mydomain.com ESMTP Postfix (Debian/GNU)
    02 E71 : EHLO [192.168.0.8]
    03 Server: 250-server.mydomain.com (…)
    04 E71 : AUTH PLAIN xxxxxxxxxxx
    05 Server: 235 2.0.0 Authentication successful
    06 E71 : RSET
    07 Server: 250 2.0.0 Ok
    08 E71 : MAIL FROM: me@mydomain.com SIZE=55052
    09 Server: 250 2.1.0 Ok
    10 E71 : RCPT TO: someone@somewhere.com
    11 Server: 554 5.7.1 : Relay access denied

    You will find the bug in line 06. The E71 sends an RSET command (=Reset), which deletes the previously made authentication. Therefore the mail server rejects the mail transfer (line 11).
    ====================

    Kreye

    November 15, 2008 at 21:57

  3. Thanks for your comments, Kreye.

    It is very sad that this bug was not fixed by now, well over a year after I discovered myself. I fully agree with you – it is a trivial change in Nokia’s source code and I am sure the developers would like to hear about it. I am not sure how to go about it, though – I do not have any contacts at Nokia myself.

    skolobov

    November 16, 2008 at 20:42

  4. Well, it turns out that the RFCs are a bit contradictory.

    RFC 4954 states: “After an AUTH command has been successfully completed, no more
    AUTH commands may be issued in the same session.”

    So an RSET shouldn’t flush the authentication, otherwise you would be able to send out only one Email in a session.

    So, from this point of view, an RSET doesn’t make much sense, but shouldn’t do any harm also.

    Kreye

    December 16, 2008 at 13:52

    • This is a valid point, Kreye.

      On the other hand, there is no reason I can think of to issue a RSET command *BEFORE* sending the first (and the only) message in a session. I can understand if it was sent *AFTER* the first message…

      skolobov

      January 31, 2010 at 02:50

  5. Don`t worry be happy…..

    Just install the new firmware version starting with 200 instead of 1oo. Delete the already setup email account on your device and start new…..it will work..I had all the same problems on a brand new Nokia E71

    Bernhard

    March 13, 2009 at 15:57

  6. Dear all, I have updated the firmware of my phone (E71 200.21.118) and still cant send emails? Any other help? Please.
    Kind reards, Jure.

    Jure

    April 4, 2009 at 16:59

  7. Exactly the same behavio, can’t send emails on an :

    E71-2
    Product code: 0553094
    FW version: 200.21.118

    How come is Nokia NOT answering customer requests…. What, untill the E71 is old enought !.

    Sheesh!

    Edward

    May 24, 2009 at 06:37

    • Thanks for sharing that, Edward!

      It is absolutely absurd that this bug still exists! It makes me think that it would be easier to drive all the way from Moscow to Nokia’s headquarters in Finland and start knocking on their door than to make them listen on the Internet…

      Anyway – Nokia, if you are listening: you can hire me to fix this bug or at least explain to your own developers that the standards are created to be followed not ignored.😎

      skolobov

      May 25, 2009 at 17:16

    • Hi,

      I found a Nokia documents that describe about SMTP, IMAP and other functions. This document describes about RFC’s was based to develop their firmware.

      Yes, their firmware SMTP service was based on obsolete RFC-821! Follow the links:

      http://nds2.nokia.com/files/support/nam/phones/guides/9290Email.PDF

      http://nds1.nokia.com/phones/files/technical_documents/Email2.pdf

      I didn’t understand all about RFCs contents, but could be this the problem?

      Sorry about english. I don’t speak well.

      One thing more: How can I get these SMTP log/debug like was posted? Thanks!

      DaniStation

      October 23, 2009 at 00:57

      • Thanks for your comment, Dani!

        I looked at both documents you mentioned – they both list Qmail 1.03 as fully supported. That was what I was using.

        Additionally, even though RFC-821 was superseded by a newer RFC, it still defines the very basics of SMTP protocol, including RSET command.

        There was nothing in either document that would indicate any special requirements for a SMTP server to be supported by Nokia’s SMTP client.

        Regarding your question on how I got SMTP debug logs – I used recordio program (http://cr.yp.to/ucspi-tcp/recordio.html) from UCSPI-TCP package (required by Qmail). You may want to use some other similar software or even a protocol analyzers like TCPDUMP (http://www.tcpdump.org/) or WireShark (http://www.wireshark.org/)

        skolobov

        January 31, 2010 at 02:42

      • Thanks, thanks a lot skolobov!
        Sorry about date, one year ago! I was out…
        But thanks a lot!!

        I wont worked with this since your message. Problems. But I heard that Nokia fixed this bug with a now firmware. Maybe its true?

        Regards!

        DaniStation

        January 20, 2011 at 15:27

  8. Hi folks,

    i can´t believe this bug is still not fixed…

    I still have my e61 in use…now it seems some people managed to get email working properly on the e71.

    what if i install the latest e61 firmware on my e61.
    Would that work?

    Cheers

    Oliver

    November 20, 2009 at 03:11

    • Oliver,

      I can’t believe that either…
      We have mixed feedback here – some people reported they still cannot send e-mails, even with the latest firmware on E71.
      Unfortunately, I cannot test it myself as I no longer have access to E61 or E71 phones – I am using iPhone for more than 2 years already…😉
      I am still interested in resolving this issue, however…

      skolobov

      January 31, 2010 at 02:46

  9. Is it posible that Nokia hasn’t still fixed this bug?
    Can someone explain to me how to fix this so i can use my company mail. What program to use to edit that line so i can delete that rset of the connection.
    I appreciate all the help you can give me.
    Thx

    Dule

    November 26, 2010 at 00:45

  10. Hi,

    I think it is very much possible – it looks like Nokia not only did not fix this bug in E61i but it still exists in their more recent models as well – E71, etc.

    As for applying the workaround – please describe what e-mail server software your company is using. I may or may not be able to help, depending on your answer.

    Sergei Kolobov

    November 26, 2010 at 02:20

  11. My phone is Nokia E71. Our company mail is pop3.
    Server outgoing and incoming is mail.g17plus.rs but, as presumed, my server requires login authentication for SMTP. I recieve mails without any problems but can not send any. I read where to search the sintax and command error but do not know what program to use to make this corrections.
    Thx for the reply.

    Dule

    November 26, 2010 at 03:56

  12. I didnt answer your question. My company uses

    SquirrelMail version 1.4.15
    By the SquirrelMail Project Team

    Dule

    November 26, 2010 at 04:00


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: