Setting to enforce authentication on specific SMTP ports
Idea shared by echoDreamz - 4/7/2020 at 12:03 PM
Under Consideration
We are looking to possibly get a setting adding that tells SM that x SMTP port(s) (possibly a setting per port), that authentication is required to send thru x port, unless the IP is SMTP whitelisted/smtp auth bypassed.

7 Replies

Reply to Thread
2
We are looking for this too. Usually the submission port that allows authentication should only allow AUTH if a TLS session was negotiated first (STARTLS). Port 25 shouldn't allow AUTH. That's the best practices.

But I don't know how to do this with smartermail :/



Sébastien Riccio
System & Network Admin

0
Kyle Kerst Replied
Employee Post
Thanks for getting this posted. I have a feature request submitted on behalf of EchoDreamz and this community post will help gather/build a use case that this would benefit the rest of the community. I'll keep an eye on this and will link the post to the ticket as well. 
Kyle Kerst
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
The main reason, we disabled port 25, and after about 3 days, the spammers figured it out and simply updated whatever they were using to hammer our server with crap to our alternative ports.

Also agree, we should be able to state which ports are TLS required.
0
Plus one!
3
Maybe a setting per SMTP port that says "Authentication Required", though, I am not sure how hard that is to implement on a per port basis, so maybe a setting on the SMTP In card that says "Authentication Required" and enforce it globally.

I'd think a per-port setting may be better, where as a global setting may be easier to implement. This setting can still by bypassed by IPs that are whitelisted for "SMTP Auth Bypass".
1
Robert Emmett Replied
Employee Post
I have added this to our features request list.
Robert Emmett
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Thanks Robert! This would be an awesome addition to SM, especially since we use external anti-spam gateways.

Reply to Thread