1
User SmarterMail for unauthenticated / relay email sending.
Question asked by Phill Healey - September 13, 2016 at 3:48 AM
Unanswered
I have 2 servers, one running my websites (LAMP) and a second win/IIS based server running smartermail. I need all outgoing email from my websites to be sent via Smartermail on the win/IIS server, but without the need for me to add credentials to the email script on each website.
 
So, is it possible to use Smartermail as a relay without the need for authentication but limited to only whitelisted servers IP's ? This way only my LAMP server can send unauthenticated emails via Smartermail?

1 Reply

Reply to Thread
0
CCC Replied
September 13, 2016 at 10:29 AM
I'll share our Windows solution to this problem so you can consider it as conceptual workaround in your environment.
 
We have accomplished this tasks on Windows IIS Servers by setting up a local SMTP relay on the IIS web server (using the IIS SMTP Service), and setting the local SMTP relay agent to accept unauthenticated mail ONLY from localhost (127.0.0.1) and deliver ALL mail directly to the SmarterMail server using SMTP authentication against a dedicated email account defined in SmarterMail.
 
That allows all scripts on the web server to SMTP through 127.0.0.1 with no extra parameters, and all SMTP traffic gets pushed through the SmarterMail server.   This also gives you a local mail queue on the web server in case the smartermail server is unreachable.  Additionally, if you need to change to a new smartermail host (or other mail host) in the future, you only need to update the SMTP relay on each server, the individual scripts on each web sites don't need to change.
 
In your case, you would just need to determine if you can install a 'dumb' linux SMTP relay on your LAMP server that can be configured as follows
1) only accept connections from localhost (127.0.0.1) on port 25
2) forces all outbound mail to relay through your smartermail server
3) forces SMTP Authentication when relaying through your smartermail server
 
If your SMTP Relay supports SMTP Authentication, that also avoids the hassle of maintaining IP address whitelists for the web servers.  If not, then you could skip step 3 and add the IP address of each web server to an SMTP Bypass and Trusted IP whitelistlists in SmarterMail.
 
Hope this helps.

Reply to Thread