Using IP ranges to block SMTP auth from outside

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
Tim Josten
New user
New user
Posts: 7
Joined: 2012-03-28 06:28

Using IP ranges to block SMTP auth from outside

Post by Tim Josten » 2012-03-28 06:44

Hello!

I am currently setting up hMailServer and faced the following problem.
For example, I created user Tim, set password to 1234. I can send email to the outside from my local network.
I can receive emails from the outside. But how do I block access to SMTP from the outside (so no one can send email using Tim's account and his password, leaving only incoming "extrernal to local" mail allowed from the outside)?

Yes, I can set the more strong password, but that's the other thing...

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: Using IP ranges to block SMTP auth from outside

Post by ^DooM^ » 2012-03-28 10:34

You would have to script this checking IP on Auth to make sure it's local/lan.

The code below rejects connections on SMTP except for local, you can expand on this to check for auth and so on.

Code: Select all

Sub OnClientConnect(oClient)   
    Result.Value = 0   
    If oClient.Port = 25 Then      
        If StrComp("127.0.0.0", "127.0.0.1") Then         
        ' We only allow SMTP connections from local host.         
        Result.Value = 1      
        End if   
    End If    
End Sub 
http://www.hmailserver.com/documentatio ... ce_scripts
http://www.hmailserver.com/documentatio ... om_objects
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

Tim Josten
New user
New user
Posts: 7
Joined: 2012-03-28 06:28

Re: Using IP ranges to block SMTP auth from outside

Post by Tim Josten » 2012-03-28 10:57

Thank you! That's what I was looking for. Will give it a try.

Tim Josten
New user
New user
Posts: 7
Joined: 2012-03-28 06:28

Re: Using IP ranges to block SMTP auth from outside

Post by Tim Josten » 2012-03-29 05:26

Well, OnClientConnect cannot be expanded to process auth stuff, since it is fired right after TCP connection is established (long before SMTP HELO is sent, etc).
So, I am thinking about other events like:
OnAcceptMessage
OnDeliveryStart
OnDeliverMessage

User avatar
mattg
Moderator
Moderator
Posts: 20791
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Using IP ranges to block SMTP auth from outside

Post by mattg » 2012-03-29 06:24

it depends on what you want to do

OnClientConnect does have port and connecting IP address, but not much else

The others give a bit more that you can use, and of course the timing is different between them
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Post Reply