I've never used IMAP, but I'll take your word for it on that. :-) Does that mean that you would have to select the SMTP server to use for each outbound message? Sounds like a pain to me.:-( I prefer the POP3 method of selecting the outbound account and knowing that all messages will go there without doing anything other than pressing send. Maybe I should setup IMAP, just to play with it!!
Todd -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of IMail Admin at BC Web Sent: Wednesday, November 14, 2001 10:54 PM To: [EMAIL PROTECTED] Subject: Re: [IMail Forum] SMTP Relay. What can we do better. Todd, One correction to your statements: if you use IMAP instead of POP3, then Outlook Express CAN send via different accounts. In that case, I think you need to set the authentication checkbox to on for each account (which can't hurt in any event). Thanks again, Ben ----- Original Message ----- From: "Todd Holt" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 14, 2001 8:15 PM Subject: RE: [IMail Forum] SMTP Relay. What can we do better. > My previous explanation was purely a server side perspective. > > For the client - If the server requires SMTP AUTH (which it should by > now!!!), the client has 2 choices: > (1) Do not supply authentication credentials; in which case the server will > deny all relaying attempts by this client. Typically reported to the user > as error "relaying denied by this server: xxx.xxx.xxx.xxx" or something like > that. > (2) Do supply authentication credentials; in which case the server will > authenticate the client and if authentication passes, allow the SMTP relay > (sending of outgoing message). > > To accomplish #2 above: You need to setup your client to login (send > credentials) when attempting an SMTP relay (sending a message). In > Outlook/Express, you need to goto Tools/Accounts, open the DEFAULT account > (this is the one that has (default) next to the mail type, there can be only > one default and this is the account that will be used to send all outgoing > mail), then on the Servers tab check the "My Server Requires Authentication" > box. It normally defaults correctly, but you can press the settings button, > then verify that the "Use Same Settings As My Incoming Mail Server" radio > button is selected. IMail server cannot use different credentials for > POP3/SMTP on the same user, so as long as you set the POP3 server and SMTP > server to the same IMail machine, you must use the "Use Same Settings As My > Incoming Mail Server" radio button selection. Save everything and send a > message!! > > Contact me directly off list if you have more questions. > > Todd > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of IMail Admin at > BC Web > Sent: Wednesday, November 14, 2001 9:48 PM > To: [EMAIL PROTECTED] > Subject: Re: [IMail Forum] SMTP Relay. What can we do better. > > > Hey Todd, > > Very clear explanation. Now the question becomes: is SMTP AUTH really on > all the time? In Outlook Express, there's an option, "server requires > authentication for ourgoing (SMTP) mail," on the Server tab of the Account > Properties dialog box. If this is unchecked, doesn't that mean the client > will connect without SMTP AUTH? > > Thanks, > > Ben > > > ----- Original Message ----- > From: "Todd Holt" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, November 14, 2001 6:20 PM > Subject: RE: [IMail Forum] SMTP Relay. What can we do better. > > > > There are 2 solutions here that work independently, but in concert. > > > > 1. SMTP AUTH works all of the time. As far as I know, it cannot be turned > > off. It is independent of the relay setting. It is independent of the IP > > address. And the address can change anytime. All it needs is a > connection > > to port 25 of the IMail server. The client will send credentials to the > > server for authentication on each SMTP session opened (basically, each > time > > a message is sent). > > > > 2. The relay setting: If you use "No Relay", you can still have clients > send > > SMTP messages by using SMTP AUTH (remember, it can't be turned off). > Using > > "Relay for Addresses" is essentially a whitelist of IP addresses that can > > send SMTP messages throught the server (relay) without requiring > > authentication. Typically, these are machines that run automated > processes > > that generate email (i.e. not typically your domain controller). These > are > > also addresses that typically reside "inside" the firewall. This keeps > them > > from being spoofed. If you choose, you can specify a public IP address > > (like a client's server, or perhaps their firewall public address if they > > are using NAT), but it may be possible to spoof this address (b/c you have > > no control of what goes on out in the big, bad world). > > > > Summary: By using "Relay for Addresses", you allow a unknown number of > > clients with unknown IPs to relay after being authenticated and you allow > a > > known number (keep this list as small as possible) of machines to relay > > without authenticating. Be sure that you trust any machine on the address > > list!!! > > > > Hope this helps. > > > > Todd > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of IMail Admin at > > BC Web > > Sent: Wednesday, November 14, 2001 5:04 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [IMail Forum] SMTP Relay. What can we do better. > > > > > > There are a couple of these messages that bring up a good point that I'm > > unsure of: when you use "relay for address," how do you handle clients > when > > you don't know their IP address? That is, is there a way to make "relay > for > > address" work for clients that may come through any arbitrary ISP and have > > any (unknown) IP address? > > > > Ben Bednarz > > > > ----- Original Message ----- > > From: "John Tolmachoff" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, November 14, 2001 1:42 PM > > Subject: RE: [IMail Forum] SMTP Relay. What can we do better. > > > > > > Although not the best way, I am currently using Relay for local host > > only, with Declude Hijack running in back ground. It has solved problems > > we have had in the past. > > > > We are unable to use relay for address because some of our clients are > > on DSL which uses DHCP. And some of these users are MAC. > > > > Unless someone has a better idea. > > > > John Tolmachoff, Network Engineer > > > > 211 E. Imperial Hwy., Suite 106 > > Fullerton, CA 92835 > > 714-578-7999, ext. 104 > > [EMAIL PROTECTED] > > [EMAIL PROTECTED] > > www.reliancesoft.com > > > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry > > Sent: Wednesday, November 14, 2001 10:04 AM > > To: [EMAIL PROTECTED] > > Subject: Re: [IMail Forum] SMTP Relay. What can we do better. > > > > > > >Last week, a person was able to relay 300,000 emails through our Imail > > >server. Our current relay is setup for USERS only. > > > > So you were allowing him to send spam. > > > > >The person was able to relay mail through our system by changing his > > computer > > >name to a domain name in IMail, and creating an email account on his > > computer > > >the same as an email account in one of our Imail domains. > > > > No, it's not nearly that difficult. In their spamware, when asked "What > > > > address do you want listed as the sender of the E-mail", they just > > entered > > "[EMAIL PROTECTED]". No changing of computer names, no creating > > E-mail > > accounts, no hacking involved. > > > > >Since IMail was setup for RELAY FOR USERS ONLY, everything worked > > correctly. > > > > That's correct. "Relay for users" means that you will let anyone relay > > if > > they have an account on your server, or are willing to use an E-mail > > address on your server. > > > > >Even if we had setup IMail relay for HOSTS ONLY, the same thing would > > have > > >occurred. > > > > Quite true. "Relay for hosts" means that anyone can relay mail through > > your server if they have an account on your server, or are willing to > > use a > > made-up E-mail address on your server. > > > > > We tried the NO RELAY option, but unfortunately, since the accept.txt > > > > > file does not work for NO > > >RELAY, none of our emails from WhatsUP Gold could be sent, and some of > > our > > >third party applications like FrontPage etc... cannot use SMTP > > >Authentication. > > > > With "No Mail Relay", you don't use accept.txt -- it means that everyone > > > > has to use SMTP AUTH. > > > > "Relay for Addresses" does what you are looking for (although you don't > > use > > the accept.txt file, you use the button next to "Relay for Addresses" to > > > > list the "safe" IP addresses. > > > > >It would be nice if the ACCEPT.TXT file would worked for NO RELAY but > > it > > >doesn't. > > > > No. "No mail relay" really means "Only relay for people using SMTP > > AUTH". If IMail let certain users bypass it, then it would be "Relay > > for > > Addresses" (which it already has). > > > > >I'm a little upset about this because it was pretty simple for this > > person > > >to do this ... > > > > The problem is that IMail doesn't make it clear that several of their > > anti-relay options don't prevent spammers from using your mail server. > > The > > "Relay for Users" option isn't designed to stop spammers. > > > > -Scott > > --- > > Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for > > IMail. http://www.declude.com > > > > > > Please visit http://www.ipswitch.com/support/mailing-lists.html > > to be removed from this list. > > > > An Archive of this list is available at: > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > > > > Please visit http://www.ipswitch.com/support/mailing-lists.html > > to be removed from this list. > > > > An Archive of this list is available at: > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > > > > > > Please visit http://www.ipswitch.com/support/mailing-lists.html > > to be removed from this list. > > > > An Archive of this list is available at: > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > > > > Please visit http://www.ipswitch.com/support/mailing-lists.html > > to be removed from this list. > > > > An Archive of this list is available at: > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > > > Please visit http://www.ipswitch.com/support/mailing-lists.html > to be removed from this list. > > An Archive of this list is available at: > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > Please visit http://www.ipswitch.com/support/mailing-lists.html > to be removed from this list. > > An Archive of this list is available at: > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
