Back to Community Threads
3
Still able to send emails unauthenticated even when Require SMTP Authentication is enable in SmarterMail 13
Problem reported by Miguel Moura - 10/11/2015 at 11:53 AM
Submitted
Hello,
 
I have SmarterMail in13 installed and I have set Require SMTP Authentication for all domains using the propagation tool:
 
However, when I was able to send an email using Outlook without SMTP authentication ...
 
Any idea why this happens? This seems a bug no?
 
Thank You,
Miguel

8 Replies

Reply to Thread
0
Bruce Barnes Replied
10/11/2015 at 1:21 PM
There are many reasons this can happen:
 
 - the domain is allowed to override SMTP authentication
 - the IP ADDRESS of the domain is set for SMTP authentication bypass
 - an external server is accepting e-mail for your server and forwarding to the domain, without being required to authenticate or is listed in SMTP authentication bypass.
 
If they are not already set to detailed, set your SMTP LOGS to DETAILED and then check to see what is shown for anyone sending to the domain.
 
If the issue happens with a specific sender, then search for that sender.
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
0
kevind Replied
10/12/2015 at 7:27 AM
Miguel,
 
Are you sending to another user on the same domain? SmarterMail allows this even with SMTP Auth enabled. You have to take further steps to lock it down.
 
IMO, this checkbox should require SMTP Auth for intra-domain messaging as well. It would prevent someone from spoofing admin@mydomain.com and sending a fraudulent message to all employees...
 
Kevin
0
Miguel Moura Replied
10/12/2015 at 7:42 AM
Yes, I was still able to send emails from on account to another account on the same domain ... But then I realized I wasn't able to send emails to another domain accounts ... I think, at least, SmarterMail could have a note about that on SMTP authentication. It is a little bit confusing ...
0
kevind Replied
10/12/2015 at 9:03 AM
Agreed. If you enable SMTP Auth, you would expect all domain users need to authenticate, regardless of the recipient.

Maybe ST will recognize this as a problem and fix this behavior.
0
Bruce Barnes Replied
10/12/2015 at 11:23 AM
When properly setup, everyone must SMTP authenticate. This is an issue with your configuration(s), as no one else is complaining about unauthorized senders, and this would be a MUCH larger issue if it were a "bug."
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
0
Miguel Moura Replied
10/12/2015 at 4:11 PM
Did you read my comments in the previous post?

In Smarter Mail I have:
1 - Require SMTP authenticate for all domains;
2 - I have no IPs bypass in Smarter Mail;
3 - I have Allow Relay: Nobody
4 - I have:
Allow relay for authenticate users (TRUE)
Enable domain's SMTP auth setting for local deliveries; (FALSE)
Disable Auth Login method for SMTP authentication (FALSE)

So with this:
1 - I am able to send emails from one email which exists in the server to any other email or domain existing in the same Smarter Mail even if I am not authenticated.
2 - I am not able to send emails to external domains to the Smarter Mail without authentication ...

So is this normal as I discussed kevind?

Or is this something wrong in my configuration ...
0
Bruce Barnes Replied
10/12/2015 at 5:02 PM
Without actually viewing your configuration, no one can tell whether you are properly configured or now.
 
You will have to open a support ticket with SmarterTools to resolve this.
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
0
Miguel Moura Replied
10/13/2015 at 2:09 AM
I had a few bad experiences with Smarter Mail tickets in the past ... I asked for help and received help a lot of time after I received it and I even solved the problem in the meanwhile ... And the help I received was with more questions. Because of that I have a few expired tickets which didn't result in nothing ...
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

"550 Authentication is Required for Relay" when Sending EmailSmarterMail > Troubleshooting
How to Setup Microsoft 365 (Office) Accounts in SmarterTrack Using OAuthSmarterTrack > Installation and Configuration
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
Windows Mail and SmarterMailSmarterMail > Desktop and Mobile Synchronization
Configure Outlook 2007 IMAP or POP AccountSmarterMail > Desktop and Mobile Synchronization