1
How to disable "Require Auth Match" for certain account/domain?
Question asked by Domagoj Pavlesic - August 14, 2015 at 2:21 AM
Unanswered
I love the "Require Auth Match" feature, but I need to disable it for one account (or domain). So, I want that user to authenticate, but to be able to send any e-mail using that account. (I need that for handling web2mail forms.)
 
Is there a way I can do that? I've tried to whitelist the server, but it doesn't work.
 
The story behind this is - I want all e-mails that are being sent via one account to be sent via certain outgoing IP address. All other e-mails should use another IP address. I can accomplish that by creating a domain, bind it to outgoing IP address, use an account from that domain to authenticate with - just cannot bypass that "require auth match" feature.
 
Any ideas?

4 Replies

Reply to Thread
0
Bruce Barnes Replied
August 14, 2015 at 5:29 AM
The safer way to do this is by using CDOSYS and creating a form which authenticates against a dedicated username and password.
 
Here's a portion of the code, showing the use of CDO, which we use to make all SMTP authentication calls to a valid e-mail address, with a unique address created and dedicated to each form, in each of the domains we host.
 
This ensures complete authentication and helps prevent non-delivery issues because of DomainKeys, DCOM and DMARC.
If Action = "SendEmail" And IsError <> "Yes" Then
	
	Dim strBody
	
	' Here we create a nice looking html body for the email
	strBody = strBody & "<font face=""Arial"">Contact Us Form submitted: " & Now() & vbCrLf & "<br>" & "<br>"
	strBody = strBody & "<strong>FROM:</strong> http://" & Request.ServerVariables("HTTP_HOST") & vbCrLf & "<br>" & "<br>"
	strBody = strBody & "<strong>SENDER'S IP ADDRESS:</strong> " & Request.ServerVariables("REMOTE_ADDR") & vbCrLf & "<br>" & "<br>"
	strBody = strBody & "<strong>SENDER'S NAME:</strong> " & Replace(ContactUs_Name,vbCr,"<br>") & "<br>"
	strBody = strBody & "<strong>SENDER'S E-MAIL ADDRESS:</strong> " & Replace(ContactUs_Email,vbCr,"<br>") & "<br>"
	strBody = strBody & "<strong>MESSAGE SUBJECT:</strong> " & Replace(ContactUs_Subject,vbCr,"<br>") & "<br>" & "<br>"
	strBody = strBody & "<strong>MESSAGE:</strong> " & Replace(ContactUs_Body,vbCr,"<br>") & "<br>"
	strBody = strBody & "</font>"
	
	Dim ObjSendMail
	Set ObjSendMail = CreateObject("CDO.Message") 
     
	'This section provides the configuration information for the remote SMTP server.
     
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 'Send the message using the network (SMTP over the network).
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = smtpserver 'Name of your SMTP server entered in before the <HEAD> object marker
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 465 'Use 25, or 587 if your alternate non-SSL port is 587 for non-SSL.  Use 465 for SSL
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpusessl") = True 'Use SSL for the connection (True or False)
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60 ' SMTP server connection timeout. 
     
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1 'basic (clear-text) authentication
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusername") = youremail 'Name of your full e-mail address as entered in before the <HEAD> object marker
	ObjSendMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendpassword") = yourpassword ' Your password as entered in before the <HEAD> object marker.
     
	ObjSendMail.Configuration.Fields.Update
     
	'End remote SMTP server configuration section==
     
	ObjSendMail.To = youremail 'Name of your full e-mail address as entered in before the <HEAD> object marker.  You are sending TO and FROM the same e-mail address but using a REPLY TO e-mail address captured from the CONTACT US e-mail address
	ObjSendMail.Subject = ContactUs_Subject ' The subject of the message
	ObjSendMail.From = ContactUs_Email ' The e-mail address entered into the form, used as both the REPLY TO and address of the person to be contacted
     
	' we are sending a html email.. simply switch the comments around to send a text email instead
	ObjSendMail.HTMLBody = strBody ' uncomment to send HTML
	'ObjSendMail.TextBody = strBody ' uncomment to send TEXT - only one of the two can be uncommented
     
	ObjSendMail.Send
     
	Set ObjSendMail = Nothing 
If you don't fully authenticate, you run the risk of having e-mail sent from web forms rejected by many receivers, including us.
 
More information about message rejection is available in my KB article:Why Am I Having Problems Getting My E-Mail Delivered?
 
 
Here's an example of the code being used in a simple contact form:  http://www.antiochtownshipil.gov/contact.asp
 
 
Here's an example of the code being used in a calendar scheduling request form: http://jeffersonmasonicassociation.org/buildingrequest.asp
 
 
If you would like the entire code segment, including the CAPTCHA we use, please open a ticket and make a request athttps://portal.chicagonettech.com/Main/frmNewTicket.aspx.  Note that this may require you to establish a user account to create the ticket for the request.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
1
Domagoj Pavlesic Replied
August 14, 2015 at 5:51 AM
You've totally missed the point.
 
And CDOSYS. Really? It's 2015. :-)
1
Bruce Barnes Replied
August 14, 2015 at 7:20 AM
Sorry you disagree, but everything which is processed by an MX server must be SMTP authenticated and have DomainKey, SPF, and DMARC data added to the headers if you want to ensure it is accepted by most of the large ISPs now. As for you dislike of the coding procedures we, and/or, our clients use, how they arrive at an end result is their choice.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Emanuele Briganti Replied
September 1, 2016 at 6:36 PM
Hello, i am interested too. Is now possible to put a user/domain exception for "require smtp auth" feature?
 
Thank you

Reply to Thread