Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » [Done]smtp authentication
  •  
iamcj

Messages: 70
Karma: 1
Send a private message to this user
seems the server ignore the smtp authentication...

I have enabled "Users authenticated through SMTP for outgoing mail" in "Configuration - SMTP Server - Relay Control"

Is there anything I can do?

Now I telnet the 25 port, after helo, then I can directly use mail from, rcpt to, data to send mail, without seeing any ask for authentication.

[Updated on: Thu, 07 June 2012 04:57]

  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Please get more knowledge about SMTP. SMTP does not require authentication for emails delivered to local domain. However, it does require authentication when relaying emails to other email domains (ie. sending emails out). If you want to authenticate all clients, disable SMTP on port 25 and use SMTP submission on port 587. But no one from the Internet will be able to send you an email.

[Updated on: Wed, 06 June 2012 10:24]

  •  
iamcj

Messages: 70
Karma: 1
Send a private message to this user
you mean if the from/to address is the same local domain, the smtp is always ignored.

so in fact I know your address abc@kerio.com, I can send email from any xxx<_at_>kerio.com to you, bypass the smtp authentication. by this...

telnet mail.kerio.com 25
220 mail.kerio.com ESMTP ready
helo kerio.com
250 mail.kerio.com
mail from:xxx<_at_>kerio.com
250 2.1.0 Sender <xxx<_at_>kerio.com> ok
rcpt to:abc<_at_>kerio.com
250 2.1.5 Recipient <abc<_at_>kerio.com> ok
data
354 Enter mail, end with CRLF.CRLF
test
subject:test


.
250 2.0.0 4fcf1be3-000008fa Message accepted for delivery

it's so impossible... Anyone can use your boss's email and send a fire mail to you...
How can we solve it? by strict spf check?
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
You can't because such email will be rejected by SPF check.
Next Kerio Connect version will be able to stop domain spoofing without authentication.
  •  
iamcj

Messages: 70
Karma: 1
Send a private message to this user
then why kerio.com do not block my smtp request for sending mail from xxx@kerio.com to abc<_at_>kerio.com, you just add some spam score to it?

i have set the spf and enable blocking the email without passing the spf check.

anyway to solve the faking mail request by smtp from intranet address?

if the guys only use webmail, can I set the access ip for only 127.0.0.1 in Configuration-Services-SMTP-Access?
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
iamcj wrote on Wed, 06 June 2012 11:23
then why kerio.com do not block my smtp request for sending mail from xxx<_at_>kerio.com[/email] to abc<_at_>kerio.com, you just add some spam score to it?


because
1. mail.kerio.com is not our MX server for receiving emails
2. we're often changing anti-spam settings on our servers to test new antispam methods. You can't use our server as example.

Petr Dobry
Product Development Manager | Kerio
  •  
iamcj

Messages: 70
Karma: 1
Send a private message to this user
got it.


anyway to solve the faking mail request by smtp from intranet address?

if the guys only use webmail, can I set the access ip for only 127.0.0.1 in Configuration-Services-SMTP-Access?
Previous Topic: Public calendar on android?
Next Topic: kerio Webmail Title
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Oct 19 09:09:59 CEST 2017

Total time taken to generate the page: 0.00418 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.