1
SMTP authentication & relay
Question asked by Millennium Systems - 2/7/2024 at 12:25 PM
Unanswered
Experiencing somewhat of an odd issue, and if this is supposed to be what happens I don't quite understand why.

Scenario:

A .NET form on web server uses an external SMTP SmarterMail Free server, form has FROM address info@customerdomain.com

SmarterMail Free server:
- Settings > Protocols > SMTP In > Allow Relay > Nobody
- Has the above web server IP on SMTP Auth Bypass in Whitelist

The mail for customerdomain.com is hosted on another SmarterMail Enterprise server
- Settings > Protocols > SMTP In > Allow Relay > Nobody
- Domains > Security > Require SMTP Authentication > Enabled

When the form is submitted with a recipient of user@customerdomain.com, the message is bounced.

[55796479] Delivery for info@customerdomain.com to user@customerdomain.com has bounced. Reason: Remote host said: 550 Authentication is required for relay

As I see it this should be just another incoming email and have nothing to do with SMTP authentication at that point. Using that same form sending to Yahoo, Gmail recipient, etc... works just fine. Unchecking the SMTP Authentication resolves the issue.

3 Replies

Reply to Thread
0
Zach Sylvester Replied
Employee Post
Hello,

Thank you for reaching out. If you are using the SmarterMail free server as an outbound gateway for your scripts to send messages, then it would be a good idea to whitelist the server's IP address in the Settings -> Security -> Whitelists section on your server that has the domains on it. This will allow the server to bypass SMTP authentication. However, it is not recommended to turn off authentication for your domain, as this can lead to spammers and third parties using your server to send spam.

I hope this explanation helps. 

Thank you.
Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com
0
Millennium Systems Replied
Zach,

Thanks for the response and I will try whitelisting on the server hosting the domain, but that still doesn't quite make sense to me.

How is this any different from somebody on another service emailing this domain, and why does SmarterMail reject this form message when it arrives just fine on Yahoo and Google? Is it because the form FROM domain is the same as the recipient domain, how is the SmarterMail server hosting the domain mail even in the mix when it comes to SMTP authentication?
1
Zach Sylvester Replied
Employee Post
Hello, 

Thanks for the follow-up. Yes, this is because the form FROM domain is the same as the recipient domain. This is done to prevent spoofing. To send as a domain on SmarterMail you should need to authenticate first. 

I hope this helps. 

Kind Regards, 
Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com

Reply to Thread