Mailtraq - the Complete Email Server
   

Enstar for Mailtraq email server sales & support
Making world-class Internet technology affordable  

Search for:

Advanced search

SMTP Authentication

 The SMTP Authentication dialog is available in Mailtraq for any field against which is displayed a padlock icon , principally in the Outgoing Mail dialog at the Remote Mail Server and the Static Routing Table tabs, both of which appear within the Outbox Properties dialog.

 

 

This dialog can also be reached via the Outbound SMTP Security dialog.

 

 

Outbound SMTP Authentication in MailtraqSMTP client authentication enables Mailtraq to exchange credentials with remote mail servers. Authentication is performed before attempting to send mail because it may be required in order to permit either access or authorised mail relaying or both. To ensure compatibility with the requirements of remote mail servers, Mailtraq may be configured to provide custom hello strings.

Mail Account tab

The Mail Account tab appears on the SMTP Authentication dialog and must be configured if the specified remote mail server requires SMTP authentication.

Mail Server
This field contains the non-editable host name of the remote mail server (set in the previous dialog) to which the following authentication parameters apply.

Account / Username
The account name or username relevant to the remote service which is being accessed.

Password
The password relevant to the remote service which is being accessed.

Client Host  Name
The string specified here is be used in by Mailtraq to identify itself to the remote mail server prior to authentication (if the remote mail server requires). In most cases, the default Domain Name can be used but some services may require a specific EHLO identification string to be used.

SSL Mode
Mailtraq supports both Implicit and Explicit (STARTTLS) SSL/TLS modes.
Your ISP will specify which mode you need for successful connection.    [From build 2298]


 

SMTP Authentication in-depth

SMTP Authentication may more easily be understood using an example. See the following to examine the configuration requirements and logs produced where one Mailtraq instance is authenticating itself to another Mailtraq instance prior to sending mail:-

 SMTP AUTH Example
To demonstrate SMTP authentication two systems are required, one acting as the server (listening for connections) and one acting as the client (initiating connections). The client connects to the server and the connection is authenticated by the two parties exchanging encrypted strings which are based on a shared secret, i.e. a password, which is never transmitted as plain text to avoid it becoming compromised. What follows details the settings and processes involved in SMTP AUTH transactions from the separate perspectives of the server and client systems and shows the logs produced by both parties.

Note that the domains and assigned IP addresses used in this example are not routable on the Internet

Server Configuration
On the server, an instance of the SMTP Service must be running on an interface which is accessible to the connecting client. For this example, that is port 25 on server.jhc which host resolves to 192.168.55.

On the Relaying tab of the appropriate SMTP Service instance, the option to 'Use SMTP User Authentication' must be enabled.

Within User Manager, a user must exist with a username and password which is known only to the connecting client. On the Privileges tab of the User Properties dialog, the option to 'Relay Mail beyond this server' must be enabled for that user.

The defined user on the server for this example is 'laptop' with a password of 'abcd' (both without the quotes).

Client Configuration
On the client, assuming that this is not the default delivery route, a static route must be created (within the Static Routing Table tab of the Mail Routing Table – accessed via the Outbox Properties dialog) to direct mail addressed to all_users@example.com to server.jhc for onward transmission to the Internet, as shown in the following settings:-

Address Spec [ *example.com ]
[ ] Use MX Host Lookups
[ x ] Local Area Network
Mail Hosts [ server.jhc ]
Cache for [ ] days
Keep trying every [ 2 ] minutes
For up to [ 12 ] hours
Notify after [ 6 ] hours
[ ] Fallback on the default smart-host if this route fails

Then the user credentials must be entered via the padlock icon  next to the Mail Hosts field:-

Mail Server [ server.jhc ]
Account / Username [ laptop ]
Password [ abcd ]
Client Server Name [ laptop.server.jhc ]

Note that the string in the Client Server Name field for this example is pure invention to more easily distinguish its presence in the SMTP protocol exchanges.

Client Protocol Exchanges
The test message is sent to the client instance of Mailtraq. Local policy accepts all messages for relaying on the 192.168.55.1 interface because that IP address cannot be accessed from the Internet:-

s: Receiving connection from 192.168.55.2
c: HELO telnet
s: 250 laptop.jhc
c: MAIL FROM:<test@laptop.jhc>
s: 250 receiving from test@laptop.jhc
c: RCPT TO:<test@example.com>
s: 250 will send to test@example.com
c: DATA
s: 354 send the message, terminate with "."
c: .
s: 250 received the message, thanks
c: RSET
s: 250 clearing sender and recipient list, go ahead
c: QUIT
s: 221 have a nice day (SMTP Closing)

The Mailtraq client instance routes the test message to its outbox and assigns a route:-

s: Routing (Inbound) LPTP98640A64
s: Router: (Depth 0) LPTP98640A6C: "(test@laptop.jhc) auth relay test" from test@laptop.jhc for test@example.com
s: Assigning LPTP98640A6C (*example.com) to server.jhc +0

The Mailtraq client instance connects to the server instance and authorises itself. Note the use of the custom hello string by the client:

s: 220 jh-c.demon.co.uk Ready for action (Mailtraq 1.1.5.1171/SMTP)
c: EHLO laptop.server.jhc
s: 250-jh-c.demon.co.uk
s: 250-AUTH LOGIN CRAM-MD5
s: 250 AUTH=LOGIN
c: AUTH CRAM-MD5
s: 334 PC0zMzEwMjkuMTAyNDc2OTA5QGpoLWMuZGVtb24uY28udWs+
c: 371 bGFwdG9wIDlmNGUxNDZkY2Y3YTJiZjM5MGNiNmQyZGFhNTIxMzRh
s: 235 OK authenticated

Note that the Mailtraq client instance defaults to requesting the most secure authentication method available from the server instance, in this case CRAM-MD5. SMTP authentication is detailed in RFC 2554.

Now authorised, the Mailtraq client instance can send any message to the server instance for it to relay onwards:-

c: MAIL FROM:<test@laptop.jhc>
s: 250 receiving from test@laptop.jhc
c: RCPT TO:<test@example.com>
s: 250 will send to test@example.com
c: DATA
s: 354 send the message, terminate with "."
c: .
s: 250 received the message, thanks
c: RSET
s: 250 clearing sender and recipient list, go ahead

Server Protocol Exchanges
The Mailtraq server instance receives a connect from the client instance and exchanges credentials:-

s: Receiving connection from 192.168.55.2
c: EHLO laptop.server.jhc
s: 250 AUTH=LOGIN
c: AUTH CRAM-MD5
s: 334 PC0zMzEwMjkuMTAyNDc2OTA5QGpoLWMuZGVtb24uY28udWs+
c: 371 bGFwdG9wIDlmNGUxNDZkY2Y3YTJiZjM5MGNiNmQyZGFhNTIxMzRh
s: 235 OK authenticated

Once authenticated the Mailtraq server accepts any message from the client for onward delivery:-

c: MAIL FROM:<test@laptop.jhc>
s: 250 receiving from test@laptop.jhc
c: RCPT TO:<test@example.com>
s: 250 will send to test@example.com
c: DATA
s: 354 send the message, terminate with "."
c: .
s: 250 received the message, thanks
c: RSET
s: 250 received the message, thanks
c: QUIT
s: 221 have a nice day (SMTP Closing)

Finally, the server instance routes the message to its outbox and assigns an outbound route for onward delivery:-

s: Routing (Inbound) SRV98645F814D
s: Router: (Depth 0) SRV98645F8152: "(test@laptop.jhc) auth relay test" from test@laptop.jhc for test@example.com
s: Assigning SRV98645F8152 (*example.com) to localhost:9925 +0

 


 


 

Download Trial
Buy now
Screenshots
Requirements
Feature Tree
FAQs
What's new
Print this pagePrint this Page  
Mailtraq 2.12 PDFDatasheet  
Send a friend an email about MailtraqShareMailtraq - Email Server at Delicious Mailtraq - Mail Server at digg Mailtraq - Mail Server at FacebookMailtraq - Email Server at stumbleupon Tweet about Mailtraq 

 

 

 
Mailtraq Highlights...
 SMTP Server     Mailtraq SMTP email server video IMAP Server     Mailtraq IMAP email Server video
 POP3 Server     Mailtraq POP3 email server video Proxy Server     Mailtraq proxy email server video
 Webmail Server     Mailtraq webmail email server video Mailing-list Server     Mailing list email server video
 Groupware Services     Mailtraq groupware email services video Spam and Virus control     Spam and virus control email server video

 

   Copyright © 2003 - 2011 Enstar Ltd, Enstar LLC & Fastraq Ltd. All rights reserved. Privacy policy.
   Mailtraq® is a registered trademark of Fastraq Limited.