Serverwide SMTP authentication

This forum contains features that has been archived. This section contains implemented features, duplicate requests, and requests which we have decided not to implement.
Post Reply
User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Serverwide SMTP authentication

Post by martin » 2004-07-02 12:45

Today you enable SMTP authentication on domain level. So if you have a domain called example.com and enable SMTP authentication for that, users on the domain must use SMTP authentication when sending email from it.

But the SMTP authentication only effects the domain, so anyone can still send a message from "example@someexternaldomain.com" without using SMTP authentication. This is confusing. A lot of users in the forum has misunderstood this and thought this setting effected all users connecting to the server.

So this behaviour will be changed in 3.3. The "Require SMTP authentication" will be removed from domain level and added to IP ranges level. So for every IP range you will be able to specify "Require SMTP authentication for deliveries to internal domains" and "Require SMTP authentication for deliveries to external domains".

So this setting will now be server-wide instead of domain-wide but per IP-address. So you can configure the server to not require authentication when sending emails from within the network but when sending from outside the server will require authentication.

I think this will be a more intuitive behaviour than today.

Anyone has any thoughts about this?

User avatar
Bram
Senior user
Senior user
Posts: 417
Joined: 2004-05-24 22:57
Location: The Netherlands
Contact:

Post by Bram » 2004-07-02 13:06

I think this is a very good option!!

It will make hmailserver harder to setup if everything is done by ip-ranges but you are very free to configure your server.

Make sure the default settings are safe.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Post by martin » 2004-07-02 13:57

I think it will be easier to understand and configure the ipranges. You'll get a much better overview of the security settings. And I'll make it extremly user friendly. =)

stebie
New user
New user
Posts: 2
Joined: 2004-08-31 15:59

Post by stebie » 2004-08-31 16:25

I was going to submit practically the same request, until I saw this post.

My idea was focused around more of a server-level SMTP authentication requirement option, but as well having domain-level and/or IP-level settings. The domain/IP level could then be set to 'SMTP authentication required', 'SMTP authentication not required' or 'Use server's default setting' - the server-wide setting being either authentication required' or 'SMTP authentication not required'. I hope what I'm trying to portray makes sense.

Just my two cents...

- stebie

Post Reply