Mailing List CGatePro@mail.stalker.com Message #106565
From: Brian Turnbow b.turnbow@twt.it <CGatePro@mail.stalker.com>
Subject: RE: How to require authentication for SMTP
Date: Tue, 12 Sep 2017 11:43:01 +0200
To: 'CommuniGate Pro Discussions' <CGatePro@mail.stalker.com>
X-Mailer: Microsoft Outlook 14.0
You can achieve something similar by setting in the users -> domain
defaults -> SMTP  force auth  to  "everybody" .(also in the single domain
settings for granular use)
This would make it impossible for any domain user to send email  without
authenticating regardless of the port used.
i.e.  all users would need to authenticate to send mail even on port 25
Someone could use the port to send email to a cgp user from a non cgp
domain, but they can already do that on port 25 so it would not change the
system behavior.


Brian

> -----Original Message-----
> From: CommuniGate Pro Discussions [mailto:CGatePro@mail.stalker.com]
> Sent: martedì 12 settembre 2017 09:41
> To: CommuniGate Pro Discussions
> Subject: Re: How to require authentication for SMTP
>
> Thanks for the suggestion. In fact, I tried that already. With iptables
it works
> fine for IPv4, but with ip6tables I did not succeed to make it working
for IPv6.
> So, it works in most cases, but I wondered why CGP does not offer a
better
> solution.
>
> So, I would like to add a feature request for this option. Clearly,
there is a
> need for it, which can be honored currently only by external software
meant
> for something else, such as VPN and firewall software.
>
>
> > Another way would be to open another port on your firewall, but
> > redirect to CGP's 587.
> >
> > Nicolas Hatier, ing. <nicolas.hatier@niversoft.com> Niversoft idées
> > logicielles - http://www.niversoft.com
> >>
> >>
> >>
> >>On 2017-09-06 10:59, Mark J Strawcutter mjstraw@iup.edu wrote:
> >>For those instances where 587 is blocked, can you provide them with a
> >>VPN service so they can open 587 thru that?
> >>
> >>Mark
> >>
> >>On 9/6/2017 3:39 AM, Fred.Zwarts F.Zwarts@KVI.nl wrote:
> >>WE have set up a system with two SMTP ports. One is port 25, used for
> >>receiving mails sent to our users. The other one is port 587, the
> >>submission port, which is used by our users to send mail elsewhere.
> >>Port
> >>587 requires authentication, which makes sure that only valid users
> >>send mail elsewhere. This port 587 is also used by our users when the
> >>are traveling, and when they are on networks of other providers.
> >>Now it turns out that some providers block port 587. I don't understan
> >>why, but that does not matter, it is a fact and we cannot change it.
> >>So, I want to offer my users another port, with the same properties as
> >>port 587. However, I cannot find a way to require authentication. It
> >>seems that port 587 is configured automagically to require
authentication.
> >>Does someone know how this can be accomplished? If not, is it a good
> >>idea for a new feature.
>
>
> #############################################################
> This message is sent to you because you are subscribed to
>   the mailing list <CGatePro@mail.stalker.com>.
> To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com> To switch to
the
> DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
> To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>
> Send administrative queries to  <CGatePro-request@mail.stalker.com>
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster