3
'Require Auth Match' does not always work
Problem reported by Etienne Wilderink - 5/12/2019 at 3:41 AM
Submitted
It seems that randomly the SMTP Out protocol setting 'Require Auth Match' set to 'Email address' does not work. Using an account from domainA, I am able to send a mail from an user of domainB.

I use SMTP SSL on port 465, a@domainA as authentication user and b@domainB as sender address. There is no whitelisting set for the source IP of the sender's computer (not the local address and not the internet IP). Sometimes the mail gets blocked (and the Outlook client receives a error on the send action), but most times the mail passes through and is delivered to the recipient, signed with the DKIM of the spoofed address.

The SMTP log states (where the real addresses are replaced by a@domaina.com as user and b@domainb.com as sender address configured in Outlook):
Authenticating as etienne@cloudwerkt.nl
[2019.05.12] 12:32:28.234 [21700747] rsp: 235 Authentication successful
[2019.05.12] 12:32:28.234 [21700747] Authenticated as a@domaina.com
[2019.05.12] 12:32:28.249 [21700747] cmd: MAIL FROM:<b@domainb.com>
[2019.05.12] 12:32:28.249 [21700747] senderEmail(1): b@domainb.com parsed using: <b@domainb.com>
[2019.05.12] 12:32:28.265 [21700747] rsp: 250 OK <b@domainb.com> Sender ok
[2019.05.12] 12:32:28.265 [21700747] Sender accepted. Weight: 0. Block threshold: 50.
[2019.05.12] 12:32:28.280 [21700747] cmd: RCPT TO:<external@gmail.com>
[2019.05.12] 12:32:28.280 [21700747] rsp: 250 OK <external@gmail.com> Recipient ok

Overview of the SMTP Out settings:

Disabling 'Allow relay for authenticated users' disables (as mentioned in the manual) all outgoing email to external addresses so that option is enabled.

1 Reply

Reply to Thread
0
Kyle Kerst Replied
Employee Post
I believe this may be occuring due to a missing setting. Can you please try enabling the Enable domain's SMTP auth setting for local deliveries and retest this to see if this occurs afterwards?
Kyle Kerst System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com

Reply to Thread