Mailing List CGatePro@mail.stalker.com Message #92628
From: Paul Chauvet <chauvetp@newpaltz.edu>
Subject: Re: Restricting SMTP Access
Date: Mon, 17 Sep 2007 09:18:07 -0400
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: Evolution 2.10.1
Hello James,

To allow what you want, you basically want to blacklist the entire
internet (i.e. 0.0.0.1 - 255.255.255.255).

Any clients that are listed in the client IP list or that authenticate
(via SMTP authentication) will bypass the blacklisting.

Here we have the same setup and the only things that are in the client
IP section are other servers (including our mail gateway) and ancient
client systems at our library which have software that does not know how
to do SMTP authentication (which is sad considering its the year 2007
but whatever).  This has worked perfectly for us for three years or so
now.

--
------------------------------------------
Paul Chauvet
UNIX/Linux Systems Administrator
State University of New York at New Paltz
845-257-3828
chauvetp@newpaltz.edu
------------------------------------------

On Mon, 2007-09-17 at 06:10 -0700, JGR Help Desk wrote:
> Hi There!
>
>
> My client is running a Communigate Mail server version 4.1.8. I am
> looking into upgrading them but for the time being I need to solve
> this issue.
>
>
> I want to restrict SMTP access to two groups.
>
>
> 1. Email account users who authenticate using their mail clients.
> 2. A list of client IP's that include internal devices and our
> externally hosted spam filter solution (frontbridge)
>
>
> I've added the client IP's to the client IP list and I've tried
> setting SMTP to force authentication for "non-clients". I've even
> tried forcing authentication for "everybody" but no matter what I try,
> I can log into port 25 via telnet and send a message to a local user
> account pretending to be any domain and email address that I so
> desire.
>
>
> Even if the domain from my offsite location were valid, I still don't
> want SMTP servers sending mail directly to my mail server without
> authenticating. The only SMTP traffic that should be hitting my mail
> server without authentication should be from the IP's that I provide
> but that is not happening.
>
>
> I've looked for HOURS, searched the web, read through the manual and
> I'm really frustrated. Any help that anyone could provide would be
> greatly appreciated.
>
> Thank you for your time,
> James L. McMahan Jr.
>
>
>
>
>
>
>
>


Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster