Topic: SMTP - Authentication, SSL and TLS

[sonoracomm]

Hi,

I've read numerous posts and bug entries but I still have a problem.  I suspect my problem is one of configuration (confusion) rather than an actual bug.

I am commonly faced with two scenarios and I hope for clarification on what settings I need for each case.

Also, if it is possible to create an exception, rather than a system-wide reconfiguration, I would prefer that as I appreciate the goals of the new mail configuration changes since version 7.5.

As I understand the new default SMTP configurations:

1)  The SMTP transparent proxy is enabled by default, unless an upstream smarthost is used.

2)  SMTP Authentication is required to send mail to any outside domain (not hosted on the SME Server).

3)  SSL or TLS is required for SMTP Authentication.

Here are the use cases where I wish clarification:

A box on the local network (router, firewall, backup server, etc.) needs to be able to send mail (to an outside domain).

1)  The box cannot do SMTP Authentication.

2)  The box can do SMTP Authentication, but can't do SSL or TLS.

This is a big problem for me.

Thanks in advance for any assistance.

G

[sonoracomm]

Hmm. Surprisingly few replies.  None.  This is dumb.

Well, I have a workaround.

Create a local user in Server Manager, then forward mail for that user to the desired external e-mail address.  Then configure your router, switch or backup server to send mail to the new local user.

I know, I should have thought of that in the first place...

G

[mdo]

I was hoping for some help and clarification as well because I expect to find similar scenarios and requirements.

[erroneus]

Actually, I think you hit on the best answer for this instance.  You balanced your need/desire to maintain the default security configuration while at the same time making an exception for this one case.  As far as the remote host requiring SMTP auth of some sort, I wonder if the remote host isn't also the destination server.  If that's the case, I wonder why it would require anything other than raw SMTP to receive email for the intended recipient.  SMTP auth should only be needed for things like relay.

[sonoracomm]

Actually, I think you hit on the best answer for this instance.  You balanced your need/desire to maintain the default security configuration while at the same time making an exception for this one case.  As far as the remote host requiring SMTP auth of some sort, I wonder if the remote host isn't also the destination server.  If that's the case, I wonder why it would require anything other than raw SMTP to receive email for the intended recipient.  SMTP auth should only be needed for things like relay.

This _is_ a relay situation, I would imagine, in general.  The recipient, like myself, a technician, doesn't have a mailbox on the SME server but needs to monitor the router/switch/backup server.

G

[CharlieBrady]

Hmm. Surprisingly few replies.  None.  This is dumb.

I can provide a Service Level Agreement if you agree to pay a support stipend.

[sonoracomm]

Deleted by author

[CharlieBrady]

If you don't have anything nice to say, I would suggest you just hold your tongue.

I think you cast the first stone, sir.

My statement in any case was straightforward, and still stands.

[erroneus]

I think we can all agree that this is not "productive" and such commentary should be removed... including this comment I am making.  Would someone please see to it?  I would if I could.