SMTP Security "Prevent sender address spoofing..."

Discussion forum for Enterprise Edition.
nowhere
Posts: 29
Joined: Mon Aug 09, 2010 7:34 pm

SMTP Security "Prevent sender address spoofing..."

Post by nowhere »

Hi all,
i have a real problem with this setting at the SMTP object (latest version of MailEnable).
What I wish is that if a IP-Adress of a sender is entered at the SMTP Relay Tab "Privileged IP´s" the "Prevent sender address spoofing ..." should ignore connections from such IP-Adresses.

For me I have problems with webservices and other services (AS/400, old Scripts running at remote server and so on) which sending with a domain name which existes at MailEnable. But a auth methode is not possible with this apps. Also it is not possibel to use other tools supported by MailEnable.
But deactivating this option increases spam volume.

Are there any plans to change this option?
If not I have to plan to move to a other mail server solution because my user need the ability to send without authentication from specified IP-Adresses.

Thanks for your feedback

nowhere
Posts: 29
Joined: Mon Aug 09, 2010 7:34 pm

Re: SMTP Security "Prevent sender address spoofing..."

Post by nowhere »

Hello,

if you search around the Newsgroup also other user has a simmilar problem

http://forum.mailenable.com/viewtopic.php?f=7&t=20769

We need the ability to allow specified IP-addresses to ignored from any antispam feature like relay check, spoofing check and so on

isaak
Posts: 476
Joined: Sat Nov 11, 2006 12:10 am

Re: SMTP Security "Prevent sender address spoofing..."

Post by isaak »

We are having similar problems.
If osCommerce is hosted and trying to use ME, "Prevent sender address spoofing..." denies application to send emails.
It should be ignored if IP address is added to the Priviledged IP list.

In fact, that was the original working configuration.
Seems it changed with v4.

Can it be changed back?

nowhere
Posts: 29
Joined: Mon Aug 09, 2010 7:34 pm

Re: SMTP Security "Prevent sender address spoofing..."

Post by nowhere »

In the past I worked with a lot of different mail server products and at every product I was able to set such a privileged IP Adresse.
ME is the first product which do not offer such a feature.
And this is a big, big, big disadvantage.

Because ME 4.x is the first version I work with I don´t know about the older one and if it worked.
But we need this feature.

Please add this feature

Thanks

sergio
Posts: 67
Joined: Thu Mar 31, 2005 10:20 pm

Re: SMTP Security "Prevent sender address spoofing..."

Post by sergio »

Im with similar problem.

consultorpc
Posts: 49
Joined: Sun May 16, 2004 3:42 pm

Re: SMTP Security "Prevent sender address spoofing..."

Post by consultorpc »

We also need this feature. It should be easy to implement.

isaak
Posts: 476
Joined: Sat Nov 11, 2006 12:10 am

Re: SMTP Security "Prevent sender address spoofing..."

Post by isaak »

Is this issue being addressed on V5?
We need an answer because its a big deal for many of us using ME.

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: SMTP Security "Prevent sender address spoofing..."

Post by MailEnable-Ian »

Hi,

As the MailEnable documentation states:
"The security option "Prevent sender address spoofing" forces anyone sending through the server with a sender address which is configured in MailEnable to authenticate. This option is ignored if the sender is sending from a local IP address.


It is not related to SMTP relaying in anyway and cannot be overridden by adding the IP address to the Privileged IP's to relay option as its a security option to stop spammers sending messages to your users using a forged email address that exists within MailEnable.
Regards,

Ian Margarone
MailEnable Support

nowhere
Posts: 29
Joined: Mon Aug 09, 2010 7:34 pm

Re: SMTP Security "Prevent sender address spoofing..."

Post by nowhere »

Hi,
yes we understand this feature.
But, because it is a real problem we need the option to allow remote senders to relay through ME without authentication by adding a trusted IP-address to the ME config.
Every mailserver I am aware of is able to do so.

Because ME is not able to do so I had to run another mailserver.

Regards

isaak
Posts: 476
Joined: Sat Nov 11, 2006 12:10 am

Re: SMTP Security "Prevent sender address spoofing..."

Post by isaak »

I agree with nowhere.
We understand the feature and we know why is there.

But a trusted IP should override the option like other mail server suites do.
Would you ever considering returning to the overridden method of the trusted IP as it was on V3?

Some web applications dont support SMTP authentication.
So we must add the IP in the trusted list so the "Prevent sender address spoofing..." option doesnt stop the email.
Many of us are asking this feature to be overridden since we know how it works and need other applications to be fully compatible with ME.

isaak
Posts: 476
Joined: Sat Nov 11, 2006 12:10 am

Re: SMTP Security "Prevent sender address spoofing..."

Post by isaak »

If we managed our servers, we should be the ones who decide if an IP exception can override a sender spoofing test, dont you think?

MailEnable
Site Admin
Posts: 4441
Joined: Tue Jun 25, 2002 3:03 am
Location: Melbourne, Victoria Australia

Re: SMTP Security "Prevent sender address spoofing..."

Post by MailEnable »

Having looked at the code of the connector, it seems that there is a provision to change the behaviour.

If you change this key to a value of 2, then it should bypass local IP Addresses:

Root: HKEY_LOCAL_MACHINE\SOFTWARE\Mail Enable\Mail Enable\Connectors\SMTP
Name: Local Senders Must Authenticate
Type: DWORD
Value: 0 =Off, 1=On, 2=On; but bypass local IP addresses

The MMC does not have the ability to specify a value of 2 though - so you will need to edit registry.
You will need to restart smtp connector for the setting to take effect.

Note: If you change the setting to a value of 2, and then access the configuration page in the MMC and then save, it will revert the setting to 1 or 0, because it does not yet understand the setting value.
I have requested that the change be made to the MMC to accomodate the setting - in which case it will be released in V5.02 along with the other updates.
Regards, Andrew

nowhere
Posts: 29
Joined: Mon Aug 09, 2010 7:34 pm

Re: SMTP Security "Prevent sender address spoofing..."

Post by nowhere »

Hallo,
thank you for your response.
What does it mean bypassing local ip addresses?
It is not enough bypassing local ip addresses. I also need the ability to add ip-addresses which are remote.

Thanks

isaak
Posts: 476
Joined: Sat Nov 11, 2006 12:10 am

Re: SMTP Security "Prevent sender address spoofing..."

Post by isaak »

I was gonna ask the same question here. :)
But I believe thats a workaround for now.

Hopefully on version 5.02 remote IP addresses are also included as bypass to the Prevent sender address spoofing.

MailEnable
Site Admin
Posts: 4441
Joined: Tue Jun 25, 2002 3:03 am
Location: Melbourne, Victoria Australia

Re: SMTP Security "Prevent sender address spoofing..."

Post by MailEnable »

Sorry, I meant "Privileged IPs" (the function in the code is a little ambigous)- ie: Anything defined under Privileged IPs section of the SMTP properties (you can define addresses/mask for remote IPs).

Obviously, it does mean though that the addresses you add would also have full relay rights through the server though.
Regards, Andrew

Post Reply