smtp authentication

[ay4you]

Hi
i want to configure the smtp authentication and i have follow everything in these 2 links still nothing
Outgoing SMTP Authentication - Zimbra :: Wiki
SMTP Auth Problems - Zimbra :: Wiki
but still not requesting for authentication is it because im not using the network edition or what

[phoenix]

Are you talking about local or remote clients? Are you actually saying that a remote client can connect without any authentication?

[ay4you]

yes remote clients the server itself is in a data centre i configured it remotely and when i use outlook it doesnt request for authentication i am using debain etch and zimbra 5.06

[phoenix]

Can you give me access to a test account on the server? If you can send me the details in a PM and I'll try to look at it this afternoon.

You profile shows you as having 4.5.7 installed, could you update that withe the output of

Code:

zmcontrol -v

[phoenix]

OK, well I can't get it to login without authentication. Having just read the title of this post again I've realised I might have misunderstood your question. Are you talking about your external clients requiring authentication to send via port 25?

[ay4you]

yes sending mail via port 25
and i want the users to be asked for authentication

[phoenix]

Well first, sorry for my confusion. Second, it wouldn't make any sense to add authentication to port 25 as no external server would be able to send you mail. A user is authenticated by logging into Zimbra via the web UI or a client such as Outlook, they can then send mail (locally and externally) via port 25 as they have already authenticated against the server - that is the normal operation of a mail server.

In actual fact, the correct port for submission by clients is port 587. You can get your users to use that port by doing the following:

In /opt/zimbra/postfix/conf/master.cf you will find three lines near the beginning of that file, they are commented out and if you uncomment them (make sure you preserve the white space at the beginning of the lines) and save the file (restart postfix) your clients will need authentication to send mail.

[ay4you]

Hi
is it these lines

#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_client_restrictions=permit_sasl_authenticate d,reject

or

#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes

maybe i didnt explain what i want to do properly
when sending a mail from outlook in the option it has the option that says
my server requires authentication
then a check box i tried sending mails and i didnt check that box but the mail still went i want the server to request authentication from those clients using mail clients so that they will have to check the box that say my server requires authentication

[phoenix]

Yes, I do now understand what you want.

You don't use the "my server requires authentication" when using Port 25, that port should never have authentication on it. If you forced authentication on that port then any mail server that sends mail to you would have to authenticate.

If you want your users to authenticate then port 587 is the correct Submissions port to use and the change in master.cf would achieve that, the 'but' in this scenario is that your users would have to change their client behaviour to use that port.

OK, let's take a step backwards and ask why you want the outgoing mail to be authenticated? Remember that your user has already authenticated against your server by logging into it and providing a valid ligin id/password, why do you want them to do it again?

[ay4you]

but if users dont authenticated when they are sending mails through mail clients then the server will be very open to spam anyone can come in and spam us using our emails