ME020583 - HOWTO: Preventing SMTP authentication through plain text connections


SUMMARY

You may wish to prevent plain SMTP authentication if the client is not on a secure connection (SSL or TLS). This can be useful when you wish to meet PCI compliance. Be careful when setting this value, as it will prevent users from sending email if they have not configured their email client to use SSL/TLS.

DETAIL

Setting the option is done through the editing of the Windows registry. The registry keys below need to be added. The listen port is for the primary listening port and the alternate is for the submission port. This option is only available in MailEnable version 6.60 and later.

On 64bit Windows:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP]
"Listen Port Authentication Mode"=dword:00000002
"Alternate Port Authentication Mode"=dword:00000002

On 32bit Windows:

[HKEY_LOCAL_MACHINE\SOFTWARE\Mail Enable\Mail Enable\Connectors\SMTP]
"Listen Port Authentication Mode"=dword:00000002
"Alternate Port Authentication Mode"=dword:00000002

The value of the key can be:

0 = (default) this allows authentication
1 = no authentication allowed
2 = allow authentication, but only if the port is SSL or TLS has been initiated

You need to restart the SMTP service after any change.



REFERENCES

Configuring extra SMTP ports with this option:

Article ME020571

 



Product:MailEnable (ME-5.X ME-6.X Pro-5.X Pro-6.X Ent-5.X Ent-6.X)
Category:Environment
Module:General
Keywords:pci compliance
Class:HOWTO: Product Instructions
Revised:Wednesday, May 4, 2016
Author:
Publisher:MailEnable