External SMTP Auth
Hi folks.
My iPod is not happy. She (he?) can't send mail from outside. I have an IMAP account that I use on my LAN server for my domains. When I go out, I can't send mail.
Now, port 465 is apparently used for SSL SMTP, but that isn't open on the server. My router has SMTP Mail open.
What I want to do, I forget the name of. I think it's SMTP Auth, and using a port above what routers would normally close off. So I'd like to use port 3500 or something like that. How do I do that, while using Kerberos or MD5 for sending mail from outside?
Cheers
I'd confirm that your ISP is (or is not) blocking inbound port 25; if the server here is connected into the ISP via a residential-grade service tier, then port 25 and port 80 blocks in-bound are fairly common. That is, confirm whether the connectivity problems here are between the ISP and the server, or at the pub.
As for your own network perimeter, most consumer-grade routers are pretty weak, while those router-firewalls with VPN and port-forwarding aren't that much more expensive. And there are open-source firewalls around. And using a VPN into the firewall is a pretty good solution for many reasons.
Various organizations that offer wireless do block port 25 outbound and sometimes other specific outbound ports to reduce the spread of malware, or the network loading that can result from torrents. Few organizations block outbound VPNs or webmail (port 80 or port 443) connections.
Similar Messages
-
Hi Jay,
hope all is well with you.
what is pop before smtp and how to see if it is enabled?
what is smtp auth and how to see if it is enabled? Is it enabled by default on MS 6.x?
what happens if smtp auth is not enabled? Will my mail server be a relay?
Is there any additional configuration that should be done on messaging server to allow connection for dial-up users?
thanks,Hi Jay,
hope all is well with you.
what is pop before smtp and how to see if it is
enabled?Pop before SMTP is a very old, and little used method for "authenticating" users. There is virtually no reason to turn this on, anymore.
It's done through the MMP, and is the only reason to actually use the SMTP proxy that's part of MMP.
I would not go there unless your environment requires it. Most do not. Most clients support SMTP authentication, which is much better, and is on by default.
>
what is smtp auth and how to see if it is enabled? Is
it enabled by default on MS 6.x?See above. Yes, smtp authentication is on by default.
>
what happens if smtp auth is not enabled? Will my
mail server be a relay?Totally different issue.
No.
If smtp auth is off, if you have external users, they likely will not be allowed to send to other external users..
>
Is there any additional configuration that should be
done on messaging server to allow connection for
dial-up users?If "dial-up users" means that they come from ip addresses outside your network, then smtp auth will allow them full access.
thanks, -
How to config messaging 5.2 and ldap 5.2 with smtp auth?
Hello.
I want to config smtp auth for msg 5.2 and ldap 5.2.
How to step of work.
I config follow admin guide but it not work.
Please help me and advice me.For your internal clients to be authenticated,
replace "mustsaslserver" instead of "maysaslserver" in tcp_intranet channel on your imta.cnf file. Then all clients connecting from your internal IPs (listed on your mappings file) will be authenticated.
Add the below two parameters for messenger express users to use the same system.
configutil -o local.service.http.smtpauthuser -v "store admin user name"
configutil -o local.service.http.smtpauthpassword -v "store admin password"
All other external smtp connections (MX pointed) are not authenticated since they are directed to tcp_local channel. -
Hello,
I have a Messaging 6.x (JES 2005Q4 version) installation. All outbound email must go
through an external MTA so I added a smartrelay (daemon in tcp_local channel) and all works ok but the external MTA requires authentication so the question is:
how can I configure to send SMTP AUTH to the smartrelay?
I get the following when sending mail:
27-Jan-2006 18:42:00.44 tcp_local R 1 [email protected] rfc822;[email protected] [email protected] dns;outbound.relay.com (outbound.relay.com ESMTP Exim 4.51 Fri, 27 Jan 2006 19:41:57 -0500) smtp;550 You must authenticate to use this relay
I have set this up in a postfix installation and all works ok.
Thanks all in advance.Hello,
I have a Messaging 6.x (JES 2005Q4 version)
installation. All outbound email must go
through an external MTA so I added a smartrelay
(daemon in tcp_local channel) and all works ok but
the external MTA requires authentication so the
question is:
how can I configure to send SMTP AUTH to the
smartrelay?Far as I know, you can't.
>
I get the following when sending mail:
27-Jan-2006 18:42:00.44 tcp_local R 1
[email protected] rfc822;[email protected]
[email protected] dns;outbound.relay.com
(outbound.relay.com ESMTP Exim 4.51 Fri, 27 Jan 2006
19:41:57 -0500) smtp;550 You must authenticate to use
this relay
I have set this up in a postfix installation and all
works ok.
Thanks all in advance. -
DIsable smtp auth only for an ip
Dear gurus,
I have sun messaging server 6 running perfectly alright and only new thing which I would like to incorporate is to disable smtp auth only for one ip address.I am new to this system and have gathered following information from sun messaging docs, the steps which I followed..
1) Create a table DISABLE_SMTPAUTH_IP similar to INTERNAL_IP mapping table in mapping file
INTERNAL_IP
10.18.18.19 $Y
10.18.18.38 $Y
10.18.18.30 $Y
127.0.0.1 $Y
* $N
! Added on 01092008 for disabling smtp_auth
DISABLE_SMTPAUTH_IP
external.ip.addres $Y
*$N
2) ALLOW PORT ACCESS
*PORT_ACCESS
*|*|*|*|* $C$|DISABLE_SMTPAUTH_IP;$3|$Y$E
*|*|*|*|* $C$|INTERNAL_IP;$3|$Y$E
3) Then right after the current rewrite rule in imta.cnf file Created new TCP CHANNEL
! Do mapping lookup for internal IP addresses
[] $E$R${INTERNAL_IP,$L}$U%[$L]@tcp_intranet-daemon
added a new rewrite rule:
! Do mapping lookup for "no smtp auth", non-internal IP addresses
[] $E$R${DISABLE_SMTPAUTH_IP,$L}$U%[$L]@tcp_nosmtpauth-daemon
! ttcp_nosmtpauth-daemon
tcp_nosmtpauth-daemon smtp mx single_sys subdirs 20 maxjobs 7 pool SMTP_POOL nosasl nosaslserver
tcp_nosmtpauth-daemon
! tcp_local
tcp_local smtp mx single_sys remotehost inner switchchannel subdirs 20 maxjobs 30 pool SMTP_POOL maytlsserver maysaslserver s
aslswitchchannel tcp_auth loopcheck threaddepth 32 blocklimit 5120 notices 1 2 backoff "pt5m" "pt1h" "pt2h" "pt4h" destinati
onspamfilter1optin spam
tcp-daemon mumbbmr1.dataone.in
! tcp_intranet
!tcp_intranet smtp mx single_sys subdirs 20 dequeue_removeroute maxjobs 7 pool SMTP_POOL maytlsserver allowswitchchannel sasl
switchchannel tcp_auth blocklimit 2500
!tcp_intranet smtp mx single_sys subdirs 20 dequeue_removeroute maxjobs 7 pool SMTP_POOL maytlsserver allowswitchchannel sasl
switchchannel
!tcp_intranet-daemon
run /opt/SUNWmsgr/sbin/imsimta refresh
alternatively tried imsimta cnbuild and imsimta restart
but still i get Mail rely denied when I try sending messages from the same trusted IP without doing AUTH.
I would like to know...
1) If there is something mising or wrong in above steps
2) HOw do i check if the messages from that IP(for which smtp auth is disabled) is passing from the tcp_nosmtpauth channel...
THanks for giving your valuable time...thanks very much shane for giving time...
Please always provide the exact version of Messaging Server (./imsimta version).
mumxxxx1 # ./imsimta version
Sun Java(tm) System Messaging Server 6.2-6.01 (built Apr 3 2006)
libimta.so 6.2-6.01 (built 11:20:35, Apr 3 2006)
SunOS mumxxxx1-a-fixed 5.9 Generic_118558-28 sun4u sparc SUNW,Sun-Fire-V440
mumxxxx1#
Why would you want to disable SMTP Authentication? What are you attempting to achieve by doing this -- what is the problem you are trying to solve?
We are an ISP and therefore sometimes required to send bulk mail, for which we are currently using perl bulk mail module script and there we specify the users in text file to send message, everytime this module try sending it get Mail Relaying denied as it doesnot supply user and passwd required for smtp auth in base64.
Therefore I wanted to disable smtp auth for an ip address using which smtp auth is not reqauired and mails should be openly relayed.
Why are all of the above entries commented out? Did you intend to disable (break) the tcp_intranet channel?
no it is not commented in config files.
+./imsimta refresh is no longer a valid comment, you need to use ./imsimta cnbuild;./imsimta restart+
as per sun mesaging server 6 admin guide it is given to be working. Alterntively I tried ./imsimta cnbuild;./imsimta restart.
Please provide the mail.log_current line that matches the attempted email delivery which was rejected.
mumxxxx /opt/SUNWmsgsr/sbin # tail -f /mta/logs/imta/mail.log_current
08-Sep-2008 13:42:19.52 7079.0fca.710096 tcp_local J 0 [email protected] rfc822; [email protected] mailserv 530 5.7.1 Relaying not allowed: [email protected] SMTP
bash-3.00# telnet mumxxxx 25 Trying 10.18.18.19...
Connected to ::ffff:10.18.18.19.
Escape character is '^]'.
220 mumxxxx.datxxxx.in -- Server ESMTP (*)
ehlo mumxxxx.daxxxx.in
250-mumxxxx.daxxxxx.in
250-8BITMIME
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-HELP
250-XLOOP 82F58AB6E3453199924062C516F2E337
250-AUTH PLAIN LOGIN
250-AUTH=LOGIN
250-ETRN
250-NO-SOLICITING
250 SIZE 0
mail from: [email protected]
250 2.5.0 Address Ok.
rcpt to: [email protected]
530 5.7.1 Relaying not allowed: [email protected]
rcpt to: [email protected]
Also please clarify if you want to disable the ability to perform SMTP auth or whether you want to allow email to be sent without requiring SMTP auth -- these are two completely different objectives.
No I do not want to disable SMTP auth for everyone.DEfault is it should be forced to all except from one ip. ie disable smtp auth only for an ip address.
Regards
Pradeep -
Smtp auth without hat access defined
Hello community!!!
We are configuring an appliance and came across a doubt that we would like to share to see if anyone can help us.
We first configured the appliance by setting up a RELAY policy wich included the networks that were allowed to send mail through our IronPort. Before we applied that configuration, there was no way of sending mail, perhaps there are other more efficient ways but we fail to see another one.
After this path was OK, we then configured the IronPort to use SMTP auth in a forwarding fashion to verify that clients we know are the only ones allowed to send mail. To do this we authenticate against our internal SMTP server, which contains the mailboxes of our users.
This configuration tested OK, without issues at all.
Now that we have this architecture working we would like to allow multiple IPs, not just the ones we defined to use our IronPort to send mail. In our scenario, we provide email services to serveral cilents that have dynamic IP. So we cannot guaranty that a given time, they will be able to send mails through our IronPort if their IP falls out of the range we defined.
So, within HAT policies, is there a way to allow "anyone" or "any IP" to access the IronPort to send mail? The security will be enforced though our SMTP auth policy which only allows authorized personnel to send mail.
Thank you in advanced for your thoughts and comments!!!
Best regards!!!
MiguelYes, you can do this where the connecting external IP or sender is not known in advance.
You would probably need to LDAP with either SMTP Auth enabled or External Authentication Queries enabled.
So as to not *bog* down your HAT Overview with smtp auth attempts, I think it would be helpful to find a range where the incoming connection would be, then try to assign it to a SMTP Authentication Sender Group and corresponding Mail Flow Policy where the SMTP was turned on.
I can see that this type of scenario would come into play in situations where you have traveling salespeople and you're not always sure what IP they're coming from, but they still need to relay via the IronPort. It's best to collect as much of the information about these external relayers as possible and the LDAP system, then contact Customer Support, presenting the information/facts that you have and how best to configure the IronPort HAT/LDAP/MAIL FLOW Policy section to get that working.
Good luck,
Kevin -
Hi,
when we test mta with telnet mail.server 25 communication looks like this:
ehlo someone
250-blah.blah Hello xxxxpleased
to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
we are missing SMTP AUTH (both internal and external IP addresses). Any ideas?
Thanks,
NevenCheck the tcp_local channel settings in the imta.cnf :
http://docs.sun.com/source/817-6267/mta_config.html#wp1067820
when modifying, do not forget to recompile your config.
Cheers, Ben -
Send email from SAP using SMTP-AUTH
Dear all,
I would like to send email from SAP to external SMTP server using authenticated method.
Can I set up this scenario with SAPConnect?
Or are there any other methods to set up this scenario?
Thanks, Regards,
FendhyHi,
You dont need anu authentication to be set :
Just follow below steps :
Simple steps to do the SMTP configuration :
1. Use transaction SCOT
3. Double Click on SMTP
4. You will get a window and fill in description
5. Tick the "Node in use" box
6. Enter the hostname of the email exchange server
7. Mail port will be 25
8. Click on the button next to Internet called "Set"
9. You will get another window, in the "address area" box, enter *
10. Click the green check button to exit the second window
11. Click the green check button to exit the main window
12. From top menu: Settings -> Default Domain
13. in the small box that appears enter the domain name which is the last part after the @ sign. The domain name would be company.com
14. You need to define a job to process the email, from top menu: View -> Jobs
15. From top menu: Job -> Create
16. Enter a name
17. Click on "INT" in the list then "Schedule job" button
18. Enter start date and time, then click on "Schedule Periodically" button
19. Enter something like every 10 minutes.
20. the configuration is now complete. To test it, you need to have an email defined in your user id properties. Use SU01 for that.
21. Use transaction SO00
22. Put Title, and text in the body, then enter your email address below, the recepient type would be "internet address"
23. After a maximum of 10 minutes you should get the email address.
Regards,
Nirmal.K -
AuthenticationFailedException when using JNDI and JavaMail with SMTP auth
Hi all - I've been banging my head on this one for awhile now - hopefully someone else has done this.
We are working in a servlet container (tomcat), and need obtain a mail session from JNDI. We do this as follows:
Context initCtx = new InitialContext();
Context envCtx = (Context) initCtx.lookup("java:comp/env");
Session mailSession=(Session) envCtx.lookup("mailSession/trumpetinc");so far so good. The jndi entry for the mail session is configured in server.xml as follows:
<Resource name="mailSession/trumpetinc" scope="Shareable" type="javax.mail.Session"/>
<ResourceParams name="mailSession/trumpetinc">
<parameter>
<name>mail.smtp.host</name>
<value>mail.server.com</value>
</parameter>
<parameter>
<name>mail.smtp.password</name>
<value>ABCDEFG</value>
</parameter>
<parameter>
<name>mail.smtp.user</name>
<value>trumpet_kevin</value>
</parameter>
<parameter>
<name>mail.smtp.auth</name>
<value>true</value>
</parameter>
</ResourceParams>With the above, whenever we hit Transport.send(msg), we got an AuthenticationFailedException thrown. I have run into this before with SMTP authentication, so I decided to try using the transport.sendMessage() method instead.
So, I get the transport:
Transport trans = mailSession.getTransport("smtp");
trans.connect();Then I send my message using:
msg.saveChanges();
trans.sendMessage(msg, msg.getAllRecipients());and finally, I close the transport:
trans.close();Unfortunately, I'm still getting the exception. Is it possible that my connect() method is not picking up the JNDI properties set in the server.xml file (this seems likely)? If so, what's the best way for me to get those properties so I can set them explicitly in the connect() method?
Thanks in advance,
- KevinHi,
I have faced the same problem and after some googling and trying I have discovered what causes the AuthenticationFailedException exception. I just wanted to share the knowedge maybe it will be helpfull to others.
Here it is what the API says:
To use SMTP authentication you'll need to set the mail.smtp.auth property (see below) and provide the SMTP Transport with a username and password when connecting to the SMTP server. You can do this using one of the following approaches:
1.Provide an Authenticator object when creating your mail Session and provide the username and password information during the Authenticator callback.
Note that the mail.smtp.user property can be set to provide a default username for the callback, but the password will still need to be supplied explicitly.
This approach allows you to use the static Transport send method to send messages.
2.Call the Transport connect method explicitly with username and password arguments.
This approach requires you to explicitly manage a Transport object and use the Transport sendMessage method to send the message. The transport.java demo program demonstrates how to manage a Transport object. The following is roughly equivalent to the static Transport send method, but supplies the needed username and password:
Using the Transport.connect makes the JNDI not very helpfull for configuration.
It seems that using just the mail.smtp.user and mail.smtp.pass is not sufficient for the authentication.
so, the solution is :
just place these to lines in the JNDI configuration:
username="test"
password="test1"
so it should looks as follows:
<Resource name="mail/Session" auth="Container"
type="javax.mail.Session"
username="test"
password="test1"
mail.transport.protocol="smtp"
mail.smtp.auth="true"
mail.smtp.host="localhost"
mail.smtp.port="25"
mail.smtp.user="test"
mail.smtp.password="test1"
/>
where test and test1 are the user's credentials
Regards,
Kiril
Message was edited by:
Kireto
Message was edited by:
Kireto -
Sending mail to internal mailadres to external smtp
Hi,
I must have 1 email address from my email-domain (intern and external) that always send the mails to the external smtp-server.
example:
mail domain is novellrocks.com
email address create is [email protected]
So when we send internal our external een mail to [email protected] it will be deliverd to the mailbox.
But for this mailbox I explicit wants that the internal mail is first send to an external smtp server thats relay it to the gwia and then delivers its to th mta and then to the po and to the mailbox.
In the past you could send een mail to gwia:[email protected] so it was deliverd external and then get it back through the gwia.
ThanksHi,
Can you tell me how exactly?
I have tried gwia:email-address but that does not work.
I'm also not shure that it's leave the site externally and not just reenter the smtp-server.
Originally Posted by mrosen
Hi.
On 13.03.2012 18:26, rniesen wrote:
> In the past you could send een mail to gwia:[email protected] so it
> was deliverd external and then get it back through the gwia.
That still works.
CU,
Massimo Rosen
Novell Knowledge Partner
No emails please!
Untitled Document -
SMTP-auth via mailx results in service unavailable
Why do my attempts to use mailx with Gandi SMTP fail with 'Service unavailable'?
I have the following ~/.mailrc file which is recognised by mailx:
set smtp=smtps://mail.gandi.net:465
set smtp-auth=login
set smtp-auth-user=harry@XXXXXXX
set smtp-auth-password=XXXXXXX
set from=harry@XXXXXXX
set ssl-verify=ignore
set nss-config-dir=/Users/neville/Thunderbird
The result is below.
From MAILER-DAEMON Thu Dec 20 15:41:47 2012
Return-Path: <>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by G4-N-2.local (Postfix)
id D4E2DA382D6; Thu, 20 Dec 2012 15:41:47 +0000 (GMT)
Date: Thu, 20 Dec 2012 15:41:47 +0000 (GMT)
From: [email protected] (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: [email protected]
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="78E73A382D4.1356018107/G4-N-2.local"
Message-Id: <[email protected]>
This is a MIME-encapsulated message.
--78E73A382D4.1356018107/G4-N-2.local
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii
This is the mail system at host G4-N-2.local.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<neville@XXXXXXX>: host spool.mail.gandi.net[217.70.184.6] said: 554 5.7.1
Service unavailable; Client host [XXXXXXX] blocked using
pbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=XXXXXXX (in
reply to RCPT TO command)
--78E73A382D4.1356018107/G4-N-2.local
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; G4-N-2.local
X-Postfix-Queue-ID: 78E73A382D4
X-Postfix-Sender: rfc822; [email protected]
Arrival-Date: Thu, 20 Dec 2012 15:41:47 +0000 (GMT)
Final-Recipient: rfc822; neville@XXXXXXX
Action: failed
Status: 5.7.1
Remote-MTA: dns; spool.mail.gandi.net
Diagnostic-Code: smtp; 554 5.7.1 Service unavailable; Client host
[XXXXXXX] blocked using pbl.spamhaus.org;
http://www.spamhaus.org/query/bl?ip=XXXXXXX
--78E73A382D4.1356018107/G4-N-2.local
Content-Description: Undelivered Message
Content-Type: message/rfc822
Received: by G4-N-2.local (Postfix, from userid 501)
id 78E73A382D4; Thu, 20 Dec 2012 15:41:47 +0000 (GMT)
To: neville@XXXXXXX
Subject: test
Message-Id: <[email protected]>
Date: Thu, 20 Dec 2012 15:41:47 +0000 (GMT)
From: [email protected] (Neville Hillyer)
test email
--78E73A382D4.1356018107/G4-N-2.local--http://www.spamhaus.org says:
Mail servers only run spam filters such as Spamhaus PBL on port 25, so if you find you are being blocked by the PBL when you try to send mail to your mail server that means you are not communicating with the mail server on the 'authenticated' port 587 but you're still on port 25. This means your 'SMTP Authentication' is not working correctly.
http://wiki.gandi.net/en/mail/standard-settings#smtp-account says:
SMTP Account
Name server : mail.gandi.net
Port : 25, 465 (with SSL) or 587 (try one or the other)
TLS or SSL: yes
SMTP Authentication : yes, using the same settings as for the POP / IMAP account
I was trying to use the same settings I have used for several years with Thunderbird and Apple Mail, ie SSL on port 465.
Is there something wrong with my settings which could be preventing mailx from using port 465?
A few debug tips would be appreciated.
Your link causes me to ask: Does the mailx on Leopard support SMTP directly? -
How to add X-authenticated header with SMTP-auth
I have smtp-auth working here. I also have normal mail header to see what ip the message is coming from. But I'd like to add X-authenticated to signature the mail is authenticated by end user.
Can I do that? What parameter i can use for message filter?
Many thanks.
ChrisCurrently you can't ; however, you should open a case with IronPort and request that feature - the more that request the feature the better the chance for it to get implemented. My company has already requested this feature. We asked for a variable and a condition that we could use in filters.
-
We're having a problem with OS X's Mail app connecting to Tiger Server's mail server. We have the server set up to not always require SMTP auth (all SMTP auth settings unchecked in Settings > Advanced > Security), and to allow relay from only a given set of networks (Settings > Relay). In theory, this means that if you're on one of the specified networks, you're not required to authenticate, otherwise you are. This according to Apple's documentation.
From a bit of packet sniffing, it looks like:
1. If a user on an allowed network tries to send mail through the server, the server does not return authorization as an option.
2. If the user has password authentication specified in Mail's SMTP Server settings, it refuses to send. If they set SMTP auth to None, the Mail app will send.
IOW, Mail doesn't send if Authorization is enabled in the Mail app, but not given as an option by the mail server. Has anyone else seen this? Is this a bug in Mail or Postfix?If you have networks entered in
'Accept SMTP relay only from these hosts and
networks'
Clients on these networks don't need to authenticate
for local delivery or relay.
So it does what you are looking for.
Jeff
Well, goddarn it - so it does!
I was testing various permutation (10.3.4) just recently and it just wouldn't relay without auth if any of them was selected (honest!). That was with the trusted relay....
...but I just tried it again and it's fine!
I had put it down to just another 'glitch' in the documentation.
Oh well - glad you were there to point it out Jeff!
Whilst we are on the subject - do you know of any way to tie authentication (outwith trusted network) to specified users? I was thinking there might be a Postfix parameter for this (sorry, I should just look them all up but maybe someone knows it already)?
Thank, and sorry for any earlier confusion!
-david. -
Hi!
We are running GWIA novell-groupwise-gwia-12.0.1-103731.
Relaying is denied in the GWIA-settings.
We tested the GWIA behavior.
If we do an SMTP-Auth against the GWIA and the authentication is
successful, relaying is allowed.
In the GWIA "Access-Control Settings" -> "Default Class of service"
there is "Prevent outgoing messages" defined in the "SMTP Outgoing" section.
It seems, that it has no effect, what is defined in the Access Control
Settings; Gwia will always allow relaying, if the user is authenticated
against the GWIA.
Does this work as designed, or do we have a chance that we will allow
only specified users to relay, if they are authenticated?
thanks in advance
WolfgangOn 06.11.2012 11:12, wpolster wrote:
> Hi!
>
> We are running GWIA novell-groupwise-gwia-12.0.1-103731.
> Relaying is denied in the GWIA-settings.
>
> We tested the GWIA behavior.
> If we do an SMTP-Auth against the GWIA and the authentication is
> successful, relaying is allowed.
> In the GWIA "Access-Control Settings" -> "Default Class of service"
> there is "Prevent outgoing messages" defined in the "SMTP Outgoing"
> section.
That's a bad idea, and should result in nobody using groupwise
internally being able to send email out. You can't remove restrictions
in the default class of service with more specific classes.
> It seems, that it has no effect, what is defined in the Access Control
> Settings; Gwia will always allow relaying, if the user is authenticated
> against the GWIA.
Correct. The class of service restrcitions only apply to *internal*
users, e.g everything that come from or goes to groupwise. relaying
happens totally on the SMTP side of GWIA only, and there's no restrictions.
> Does this work as designed, or do we have a chance that we will allow
> only specified users to relay, if they are authenticated?
Unfortunately not.
CU,
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de -
AUTH Command is not enabled, when try to enable webmail with smtp auth
Hi,
I'm trying to force all the webmail users to authenticate (smtp auth) when they send an email.
I already configure this:
local.service.http.smtpauthpassword = xxxxx
local.service.http.smtpauthuser = admin
and reload the http service. (the password is correct)
Then, enter to the webmail interface and tried to sent an email but when pressed "sent" the following message appears:
SMTP: Error 5.7.1 AUTH Command is not enabled.
Do I have to do something else? Any lead?
RegardsThanks Jay,
I know about the little use of the webmail authentication but it is something I need to do because in my configuration I have to differentiate between users who can send emails to internet and users who can not, and in order to do that, I need to authenticate all the users. So far is working if the user uses an email client.
For webmail I did not know that I have to add in the tcp_intranet channel definition the attribute: mustsaslserver.
Maybe you are looking for
-
Mail 10.5.6 update released...
If you are experiencing crashes with Mail after the OS X 10.5.6 update you might take a look at the Mail Update 1.0 that has just been released. Run Software Update and this download will appear if you have the specific problem mentioned. Apparently
-
How can I remove my credit card or cancel my account?
How can I remove my credit card or cancel my account?
-
How do i install itunes on an external drive
How can i install iTunes on an external hard drive?
-
I am not able to create a new conection with a file saved in excel 2007 (*.xlsx) does anyone know why??
-
Usage of custom domains for primary keys
Hi, I have a question regarding the possibility to use custom domains on primary key attributes: are there any special requirements/constraints in order to do this (like for example providing consistent equals() and hash() methods...)? Thanks, Dan