4
SMTP Authentication Bypass by domain name or email address
Idea shared by Camilo Torres - 7/16/2016 at 2:51 PM
Proposed
We have a hybrid environment with SmarterMail and Exchange running on Office 365. The emails are forwarded from SM to O365 to the few users that exist there, but if one of them reply to one of our SM internal users which only exists in SM, in order for those email to be delivered from Exchange we need to remove the checkbox in SM for "Enable domain's SMTP auth setting for local deliveries" for incoming SMTP since Exchange needs to be configured for "Internal Relay" which doesn't use authentication when connecting to SM.
 
By disabling the "Enable domain's SMTP auth setting for local deliveries" option then we start receiving spam from external users that are emailing our local users of SM.
 
Use SMTP Authentication Bypass is not a good option because of 2 reasons:
1. There is a very large (and continiously growing) list of IPs for Office 365 that we will need to add and maintain.
2. Adding that full list means that we will be allowing open relay for all Office 365 users which is likely to be very large.
 
I propose the idea of allowing SMTP Authentication Bypass based on the sender domain or email address, so we can allow relay only for that handful of users that are hosted on Exchange.
 

Reply to Thread