Results 1 to 4 of 4

Thread: Force smtp authentication!

  1. #1
    lmthong is offline User Awaiting Moderation
    Join Date
    May 2010
    Posts
    19
    Rep Power
    0

    Default Force smtp authentication!

    Hi there

    I configured the MTA with Enable authentication and TLS authentication only. Everything works well, all the mail client have to set "My outgoing server (SMTP) requires authentication" and use 465 (SSL) to send mail.

    Now i found that I can telnet to port 25 (from and LAN machine) and do send mail without any authentication (the mail client still required)

    I still control my trusted network list.

    Any ideas?

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,485
    Rep Power
    56

    Default

    Quote Originally Posted by lmthong View Post
    Hi there

    I configured the MTA with Enable authentication and TLS authentication only. Everything works well, all the mail client have to set "My outgoing server (SMTP) requires authentication" and use 465 (SSL) to send mail.
    You actually should be using the correct Submission port which is 587.

    Quote Originally Posted by lmthong View Post
    Now i found that I can telnet to port 25 (from and LAN machine) and do send mail without any authentication (the mail client still required)
    Of course you can do that, what would you expect to happen? The LAN users are in your Trusted Network settings, did you search for this in the forums (you should, it's been covered many times)?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    lmthong is offline User Awaiting Moderation
    Join Date
    May 2010
    Posts
    19
    Rep Power
    0

    Default

    Sorry, but I did search.

    By the way, how can i remove LAN out of Trusted Network. I saw there's only 127.0.0.0/8, zimbra-mailbox-server-ip,zimbra-mta-server-ip.

    And why the LAN users can not send mail if the mail client doesnot set to "My outgoing server (SMTP) requires authentication" but the telnet?

  4. #4
    lmthong is offline User Awaiting Moderation
    Join Date
    May 2010
    Posts
    19
    Rep Power
    0

    Default

    Quote Originally Posted by vavai View Post
    To remove your LAN from trusted network, mark your Zimbra ip with /32 subnet instead of the default /24, so your trusted network should be look like this :

    127.0.0.0/8 192.168.10.1/32 (if your Zimbra IP = 192.168.10.1)

    Why your client need SMTP auth because you force it to use TLS only.
    Sure, except loopback address, all other Trust Network was /32.

    Now the MTA is "TLS authentication only" but why the port 25 still allow send mail without any authentication (test by telnet mta.mydomain.com 25). And why the mail client (like MS outlook, outlook express) have to set "My outgoing server (SMTP) requires authentication" (this is what I expect). I'm taking about LAN users.

    more clear: I put my MTA in DMZ, trusted network is: 127.0.0.0/8, zimbra-mailbox-ip/32,zimbra-mta-ip/32 and nothing else
    Last edited by lmthong; 12-23-2010 at 01:22 AM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. External SMTP server authentication for every diferent user
    By mario@simpatics.com in forum Administrators
    Replies: 3
    Last Post: 11-25-2010, 11:53 AM
  2. SMTP Authentication
    By ferra in forum Installation
    Replies: 13
    Last Post: 06-26-2008, 07:25 AM
  3. Force TLS for outgoing SMTP
    By peter@mxtoolbox.com in forum Administrators
    Replies: 1
    Last Post: 04-12-2008, 11:12 PM
  4. SMTP authentication problems continue
    By EdMartin in forum Installation
    Replies: 2
    Last Post: 01-11-2008, 03:23 AM
  5. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •