465 with athentication

[adeelarifbhatti]

Hi all,

My port 465 is also allow users to deliver mail with out authentication.
Any one with help?
Regards
Adeel

[phoenix]

The correct port for Submissions is 587, you should use that (it already has authentication enabled). There are details in the forums of how to enable port 587 and enable authentication of port 465, please search.

[adeelarifbhatti]

Searched, but didn't got the right answer. Even this was help less> SMTP authenticated ONLY access ?



I dont want the port 465 or say any port used for smtps (587) to deliver mail without authentication.
The current configuration deliver the mails with out the authentication on 465 port.



Any one with kind help please ?
regards
Adeel

[phoenix]

Quote:

Originally Posted by adeelarifbhatti

Searched, but didn't got the right answer. Even this was help less> SMTP authenticated ONLY access ?

Post #4 in that thread gives you the answer to using port 587 as the submission port with authentication. What's the problem with using that?

[adeelarifbhatti]

Hi all,
Believe me, it never solved my issue.
And port 465 with authentication means, delivering of mails only when user gets authenticated, isn't it?


Any more suggestions ?

Regards
Adeel

[phoenix]

Quote:

Originally Posted by adeelarifbhatti

Hi all,
Believe me, it never solved my issue.
And port 465 with authentication means, delivering of mails only when user gets authenticated, isn't it?


Any more suggestions ?

Then I'm confused about what you're asking for. Doesn't your first post ask how to use a submission port with Authentication? If that's not the case perhaps you could rephrase your question and tell me exactly what you're trying to do. If you want external users to send email without authentication then that's not good security practice and you're asking to be an spammers relay.

[adeelarifbhatti]

Well,

Users sending mails through Thunderbird (MUA), if send mails to hotmail.com the mail server will ask for authentication, and you know getting authentication over 25 is not a good idea.
Now, asking the users to get authenticate over SSL port i.e. 465 solves my issue.
But the issue is if the users without authentication uses the port 465 and deliver to its own domain, the mail server accepts the mail.

The port 465 or any SSL port for SMTP shouldn't accept mail for any domain before the users gets authenticated, and my previous mail server had that capability.
Regards
Adeel

[Klug]

Quote:

Originally Posted by adeelarifbhatti

and you know getting authentication over 25 is not a good idea.

Why ?

Quote:

Originally Posted by adeelarifbhatti

The port 465 or any SSL port for SMTP shouldn't accept mail for any domain before the users gets authenticated

Port 465 (or 587 if you change it) behaves exactly the same way that port 25 behaves.

[phoenix]

Quote:

Originally Posted by adeelarifbhatti

But the issue is if the users without authentication uses the port 465 and deliver to its own domain, the mail server accepts the mail.l

It will do that, that's how email works and if they're local users then they will be in the Trusted Networks.

[adeelarifbhatti]

Klug,
getting authentication over port 25 is not a good idea coz of plain text passwords travel across the network.
TLS can be an good idea, but what if the 25 traffic is to come on spam firewall.
Users will get authenticate over SSL port i.e. 465 or may be 587, and will deliver the mail, this will make them bypass the spam firewall.
This is I guess, the best flow of traffic, I will appreciate if some other is shared if considered to be more appropriate then the above.


Regards
Adeel