Re: More Authorization Questions

From: Jeff Cochran (jeff.nospam_at_zina.com)
Date: 08/20/04

• Next message: Joe: "More Authorization Questions"
• Previous message: Scott Townsend: "Re: Switched DNS MX to new Server, Old Server still Gets Mail - What domain?"
• In reply to: Evan: "More Authorization Questions"
• Next in thread: Evan: "Re: More Authorization Questions"
• Reply: Evan: "Re: More Authorization Questions"
• Messages sorted by: [ date ] [ thread ]

---

Date: Fri, 20 Aug 2004 17:15:14 GMT

On Fri, 20 Aug 2004 06:59:00 -0700, "Evan" <grime@forbiddenninja.com>
wrote:

>This doesn't make much sense to me.... Is it not possible
>to set my smtp service up so that it requires
>authentication, and yet still be able to receive emails
>from the outside world?

No. If you want systems to authenticate, then you can't accept mail
from systems that don't authenticate.

>If it's not possible that really
>makes for a hard decision. Do I want to leave my email
>server open for anonymous relay and have spammers use my
>server freely, or do I want to enforce authentication and
>not be able to receive any email from the outside world
>because the other email servers don't have authorization?

You're confusing relaying with authenticating. They're not the same
thing.

>I tried adding IP ranges to the Relay Restrictions list,
>but that didn't do any good. It's as if the SMTP service
>is ignoring that list when it decides whether or not to
>accept an email. What am I missing here?

What OS and version of SMTP? I think you may be missing where to set
relay restrictions, but it may be a case of not stopping and
restarting the SMTP services.

Jeff

---

• Next message: Joe: "More Authorization Questions"
• Previous message: Scott Townsend: "Re: Switched DNS MX to new Server, Old Server still Gets Mail - What domain?"
• In reply to: Evan: "More Authorization Questions"
• Next in thread: Evan: "Re: More Authorization Questions"
• Reply: Evan: "Re: More Authorization Questions"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages RE: Microsoft Security Bulletin MS02-011 ... Does anyone have any details about the "Authentication Flaw" in question? ... Apparently the SMTP service gets back from the NTLM that a user was ... Subject: Microsoft Security Bulletin MS02-011 ... The vulnerability results because the affected ... (Focus-Microsoft) More Authorization Questions ... authentication turned on. ... Relay Restrictions: Only the list below - which has the ... IP's and the email server (someone installed a firewall ... It's as if the SMTP service ... (microsoft.public.inetserver.iis.smtp_nntp) TCP connection dropped message is filling up my SonicWALL logfile ... logging for SMTP service and POP service which did not solve the ... the SMTP server, POP mail server or another type of server which is ... 'Authentication' only, not all "TCP connection dropped" messages. ... (comp.security.firewalls) Re: What does a firewall do? ... Nick Roberts writes: ... > be used for authentication, and generally shouldn't be implemented at all. ... > What am I missing? ... your server will reply with a port closed ... (comp.security.firewalls) Re: BASIC Auth mit Javascript ... If this parameter is Null or missing and the site requires authentication, the component displays a logon window. ... Although this method accepts credentials passed via parameter, those credentials are not automatically sent to the server on the first request. ... The bstrUser and bstrPassword parameters are not sent to the server unless the server challenges the client for credentials with a 401 - Access Denied response. ... (de.comp.lang.javascript)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Internet-Server  > microsoft.public.inetserver.iis.smtp_nntp  > 2004-08