IceWarp Server User to User Forum

smtp security issue & telenet usage

 
smtp security issue & telenet usage - 10/9/2008 7:33:12 PM   
chrisjr

 

Dear Readers,
I've noticed that even though I have my SMTP relay closed and I believe I require an AUTH login, I can still send e-mail messages via telnet, just by logging in and doing the following:
telnet domain.com 25
FROM: fromAddress
RCPT TO: ToAddress
DATA
TO: TO Address
FROM: From
Subject: Subject
Message

.

When I try to do an AUTH LOGIN it just keeps rejecting my username and passwords, which are valid. How can I force an AUTH LOGIN and how can I successfully log in via telnet? I used the AUTH LOGIN through our website to send secure messages to our customers and I'm not able to do that with Merak right now. Any suggestions?
Post #: 1
RE: smtp security issue & telenet usage - 10/10/2008 11:13:42 PM   
philou

 

You have not mentioned the machine on which you run the telnet command.

Supposing that it is the IceWarp server machine itself, since most probably, 127.0.0.1 is on the "Trusted IPs" list (Security menu item), any mail sent from this address will be accepted. In this case, the antispam log for this telnet session would show Bypass=T.
If you remove the local IP from the trusted list and send a mail using a telnet session, and if the ToAddress is not on your server, you should get a "we do not relay".

Secondly, if the ToAddress is a local address on your server, it is perfectly correct that the telnet session succeeds. This is simulating the same case as when a remote server contacts your IceWarp to deliver a message to an account on your server.

If the FromAddress used in the telnet session is an account on your server and if
- you do not have "pop before SMTP" checked (recommended)
- the IP of the machine where telnet is run is not in the trusted IPs list
- if you have "reject if originator's domain is local and not authorized" checked (recommended)
- if "Deny SMTP AUTH" is not checked under Security / Advanced (not checked by default)
then
the mail delivery will be refused if the telnet session has not logged on (using AUTH LOGIN) for ex.
This configuration requires each sender to be authenticated before sending mail from your IceWarp server.
If you set this up, you should inform all your users that they would need to configure their client program (Outlook, Thunderbird...) to use SMTP authentication; else they would not be able to send mails.

Thirdly, during a telnet session, after giving the AUTH LOGIN command, you need to give login/password in base64 format. You can encode your login/password strings using http://www.motobit.com/util/base64-decoder-encoder.asp

This should give something like:
220 mail.domain.com ESMTP IceWarp 9.3.2; Sat, 11 Oct 2008 10:06:13 +0200
helo test
250 mail.domain.com Hello test [127.0.0.1], pleased to meet you.
AUTH LOGIN
334 VXNlcm5hbWU6 ---> telnet says : "Username:"
YWRtaW4= ---> you type "admin"
334 UGFzc3dvcmQ6 ---> telnet says : "Password:"
YWRtaW4= ---> you type "admin"
235 2.0.0 Authentication successful
mail from: test@demo.fr
250 2.1.0 <test@demo.fr>... Sender ok
...


< Message edited by philou -- 10/11/2008 7:27:34 AM >

(in reply to chrisjr)
Post #: 2
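The AUTH LOGIN exchange shown in the reply above, as an added example that is not part of the original posts: a small Python helper that produces the base64 lines locally and decodes a captured session, so the prompts and replies can be read back. The function names and the sample list are assumptions made for this example; note that base64 is an encoding, not encryption, so anyone who can read the session can recover the login and password.

```python
import base64

def b64e(text):
    """Encode one AUTH LOGIN response line (text -> base64)."""
    return base64.b64encode(text.encode("utf-8")).decode("ascii")

def b64d(token):
    """Decode one base64 token taken from an AUTH LOGIN exchange."""
    return base64.b64decode(token, validate=True).decode("utf-8")

def auth_login_lines(username, password):
    """The three lines a client types for AUTH LOGIN, in order."""
    return ["AUTH LOGIN", b64e(username), b64e(password)]

def annotate(session):
    """Walk an SMTP session and decode the AUTH LOGIN exchange.

    Returns (line, decoded) pairs; decoded is None for lines that are
    not part of the base64 exchange.
    """
    out, pending = [], False  # pending: a 334 was seen, client reply is next
    for line in session:
        decoded = None
        try:
            if line.startswith("334 "):
                decoded, pending = b64d(line[4:].strip()), True
            elif pending:
                pending = False
                reply = line.strip()
                # A lone "*" is how a client cancels the exchange.
                decoded = "<cancelled>" if reply == "*" else b64d(reply)
        except ValueError:  # bad base64 or bytes that are not UTF-8
            decoded = "<not valid base64 text>"
        out.append((line, decoded))
    return out

# Constructed sample session, using the values shown in the reply above.
SAMPLE = [
    "AUTH LOGIN",
    "334 VXNlcm5hbWU6",
    "YWRtaW4=",
    "334 UGFzc3dvcmQ6",
    "YWRtaW4=",
    "235 2.0.0 Authentication successful",
]

if __name__ == "__main__":
    for line, decoded in annotate(SAMPLE):
        print(line if decoded is None else f"{line}    <- {decoded!r}")
```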
2001 - 2008 © IceWarp