Force SMTP AUTH for specific port

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
arthrax
New user
New user
Posts: 17
Joined: 2019-01-10 12:50

Force SMTP AUTH for specific port

Post by arthrax » 2019-02-20 12:06

Hello,

I need to force auth for port 587 and I found this old post : viewtopic.php?t=6160
I wasn't able to find this feature in the last build.

Can you tell me if this feature exist ? Otherwise I will try the script.

Thanks

palinka
Senior user
Senior user
Posts: 1092
Joined: 2017-09-12 17:57

Re: Force SMTP AUTH for specific port

Post by palinka » 2019-02-20 14:56

Authentication is enabled in the ip ranges.

User avatar
jimimaseye
Moderator
Moderator
Posts: 8116
Joined: 2011-09-08 17:48

Re: Force SMTP AUTH for specific port

Post by jimimaseye » 2019-02-20 15:25

Authentication enforcement to ports is set in TCPIP PORTS (in advanced)

[Entered by mobile. Excuse my spelling.]
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

arthrax
New user
New user
Posts: 17
Joined: 2019-01-10 12:50

Re: Force SMTP AUTH for specific port

Post by arthrax » 2019-02-20 19:05

jimimaseye wrote:
2019-02-20 15:25
palinka wrote:
2019-02-20 14:56
Authentication is enabled in the ip ranges.
Thanks but I need to set it by port and not by protocol.
In my configuration, it is enable on port 25 and 587.
jimimaseye wrote:
2019-02-20 15:25
Authentication enforcement to ports is set in TCPIP PORTS (in advanced)

[Entered by mobile. Excuse my spelling.]
Thanks but I must be blind, I can't see this option.
Here what I have :
Image

mikedibella
Normal user
Normal user
Posts: 177
Joined: 2016-12-08 02:21

Re: Force SMTP AUTH for specific port

Post by mikedibella » 2019-02-20 19:29

Change Connection Security to STARTTLS Required. This will cause the connection to be initiated over TCP, but require STARTTLS to be completed before any other verbs can be used.

User avatar
jimimaseye
Moderator
Moderator
Posts: 8116
Joined: 2011-09-08 17:48

Re: Force SMTP AUTH for specific port

Post by jimimaseye » 2019-02-20 20:43

arthrax wrote:
2019-02-20 19:05
jimimaseye wrote:
2019-02-20 15:25
Authentication enforcement to ports is set in TCPIP PORTS (in advanced)

[Entered by mobile. Excuse my spelling.]
Thanks but I must be blind, I can't see this option.
Here what I have :
Image
Well yes, you must be. It's right there in your image.

"Connection security". Right in the middle of your screen.
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

palinka
Senior user
Senior user
Posts: 1092
Joined: 2017-09-12 17:57

Re: Force SMTP AUTH for specific port

Post by palinka » 2019-02-21 00:17

arthrax wrote:
2019-02-20 19:05
jimimaseye wrote:
2019-02-20 15:25
palinka wrote:
2019-02-20 14:56
Authentication is enabled in the ip ranges.
Thanks but I need to set it by port and not by protocol.
In my configuration, it is enable on port 25 and 587.
If you enable smtp auth in the IP ranges, it will force auth on all ports you designate for smtp. Including 587.

User avatar
mattg
Moderator
Moderator
Posts: 20103
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Force SMTP AUTH for specific port

Post by mattg » 2019-02-21 00:54

Sorry peeps, but I think you all have it wrong

In IP ranges you can require AUTH for certain IP range / connections, but not by port
For instance you can't define port 587 must be AUTH for the entire internet range by doing this without also requiring AUTH for port 25 (both being SMTP)

In TCP/IP ranges you can declare security level, but that doesn't mean AUTH
For instance I get many connections on port 25 that are StartTLS secured, but where there is no AUTH

With the ini setting I can BLOCK a port from accepting AUTH (Which I do for port 25)

But for what the OP is asking, the link in the initial post is the ONLY correct way to block all port 587 connections that aren't AUTH'd
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
mattg
Moderator
Moderator
Posts: 20103
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Force SMTP AUTH for specific port

Post by mattg » 2019-02-21 01:03

And thinking about this for a few minutes, I already force all senders to AUTH with their own account no matter the port that they connect to - all via a script in OnAcceptMessage
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

arthrax
New user
New user
Posts: 17
Joined: 2019-01-10 12:50

Re: Force SMTP AUTH for specific port

Post by arthrax » 2019-02-22 11:37

Thanks to all for your help on this subject.

I haven't seen the startssl option because I do not use certificate but only wanted auth. I was searching an option for only for auth in TCP\IP Port menu.

I'm using SMTP on port 25 without auth and SMTP on port 587 with auth.
I have apply the script for auth on port 587 and it is working very well.

Thank s for your help :wink:

Post Reply