Re: Properly configuring SMTP Service


"Sanford Whiteman" <swhitemanlistens-software@xxxxxxxxxxxxxxxxxxxxx> wrote
in message news:op.ttkihtoq6c17zw@xxxxxxxxxxxxxxxxxxxxxxx

Sandy,

Thank you very much for all of your answers.

The only remaining problem is allowing me to send mail through my
server when I am away from home (when I have Internet access from a
hotel, for instance), or to allow my grandfather to send mail, both
of which presumably require relaying. I *thought* that using
"Integrated Windows Authentication" and creating a user account on
the server (which is then specified somewhere in the mail client)
would give me that ability, but that does not appear to be the case,
or else I am missing some other crucial piece of information.

No, you are on the right trail. That's SMTP AUTH. The settings *other
than* 'Anonymous Access' under `Access Control - Authentication` are
the SMTP AUTH mechanisms that your server will support.

'Basic Auth' is the AUTH LOGIN mechanism, which should be supported by
all mail clients; it's not encrypted, which means your credentials can
be sniffed, but it is by far the more portable of the auth mechanisms
supported by IIS SMTP. Set the mail client to use your Windows
username + password to log in to the SMTP server, and make sure that
you *are* logging in -- some mail clients assume you don't need to log
to send mail.

In Outlook Express, on the 'Server' tab of Account Properties, there is a
checkbox item, "My server requires authentication" with a 'Settings' dialog
that lets you specify the username and password information (labeled, 'Logon
Information'). Is this where one specifies the AUTH LOGIN details in
Outlook Express? It seems to me the last time I tried this for my
Grandfather's email, it either caused problems for local accounts, or didn't
allow him to relay, or something (I've tried so many different
configurations now, I don't remember which problems were associated with
which configuration!).

However, using this method concerns me because everything I've read says
*not* to use it due to the fact that usernames and passwords are transmitted
in clear text, so I am not sure this is the way I want to go.


'Integrated Windows Auth' is the secure auth mechanism AUTH GSSAPI
NTLM, but it isn't even supported by all *Microsoft*-brand mail
clients, so I'd leave it alone for your purposes.

Is it your recommendation then to *disable* 'Integrated Windows Auth' and
*enable* only 'Basic Auth'? Is this the way most ISP's provide email to
their customers? If so, how do they deal with concerns of security
(sniffing clear text passwords, etc.)?

Thanks,

- Dennis


.

Relevant Pages

  • Re: PLUG: PMAS
    ... Your mailserver also needs to provide support for SPF or the ability ... TLS should generally just require the enabling of TLS on the SMTP ... SMTP AUTH should just require enabling it on the SMTP server and configuring it ...
    (comp.os.vms)
  • Re: IIS7 with multiple web sites - Windows Auth only working on localhost
    ... The findings of you indicates the problem isn't on the IIS server itself. ... doesn't mean integrated auth is turned off. ... Microsoft Online Community Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.inetserver.iis.security)
  • RE: Security - ciphers - autentification
    ... There is a ONE server, ... Before server is firewall ... Private key based auth ... > without danger ...
    (SecProg)
  • Re: Can Receive e-mail, but cannot Send
    ... Did you ask tech ... >> support if they made any changes on their end? ... >> requiring SMTP AUTH, when they formerly did not; ... > they had changed something that now when you log onto there server, ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: [9fans] Issues with 2 networks, fs server, and namespaces
    ... ESXi, and working great -- CPU server running with two APs, though ... Both Auth and CPU are on the public ... While I've configured the internal network to be on it's own ...
    (comp.os.plan9)
Loading