Re: Witango-Talk: Help with witango email action windows server 2003

[Bill Conlon]

MTAs don't normally require any authentication for SMTP connections,  
which is why relaying is a problem.  Don't know the IIS MTA, but in my  
Postfix main.cf, I have the following restrictions:

This says what IP addresses can connect to my SMTP server:
	smptpd_helo_restrictions = permit_mynetworks, reject_rbl_client  
sbl-xbl.spamhaus.org

This says who can relay:

	smtpd_recipient_restrictions = permit_mynetworks, check_client_access  
hash:/etc/postfix/pop-before-smtp, reject_unauth_destination

Anyone on the trusted network can relay (ie., my PC can connect and  
send mail to the witango-talk list).  Certain clients on untrusted  
networks (listed in the hash) can also relay.  (I use a Perl-based  
daemon to dynamically modify the client-access hash so remote users can  
relay for a brief period from the same IP from which they have just  
authenticated into my POP server).  Some destinations are explicitly  
rejected.

So, it may be as simple as modifying the IIS equivalent of my_networks  
to include the IP address of the Witango server.


On Sunday, August 28, 2005, at 09:23  AM, Dan Stein wrote:

But the issue is not in the tab where you set the IP address but where  
you choose the access. There is no place to put in an IP address that  
is in the relay section.

There are 3 choices. It works if it is set to allow anonymous.

Otherwise you need to somehow say a domain or specific email address  
is needed.



on 8/28/05 11:14, Roland Dumas at [EMAIL PROTECTED] wrote:

not quite. Authentication is looking at the IP address of the email  
client - the sender's IP address. When you set to allow relay from the  
IP of the machine, say 127.0.0.1, it does not create an open relay  
because the only email client on that machine is the witango mail  
action.

you do want to be able to have applications that do things like 'email  
this page' where the 'from' address is not in your email user list at  
all.


On Aug 27, 2005, at 10:48 PM, Rick Sanders wrote:

Right, but it's a major security issue.
 
If you're allowing relay from your local IP, and you're hosting a  
domain whatever.com anyone can bounce email off that server as long as  
they use a valid email address from that domain. i.e.  
[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>. So, if I wanted to spam  
off the server, I just have to make sure the from address is  
[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>and the server will let it  
through since it's a local address. Authenticating by name and  
password is the safest.

Rick Sanders
President
519-578-5816
www.webenergy-sw.com<http://www.webenergy-sw.com>

----- Original Message -----
From: Roland Dumas<mailto:[EMAIL PROTECTED]>
To: witango-talk@witango.com<mailto:witango-talk@witango.com>
Sent: Sunday, August 28, 2005 1:13 AM
Subject: Re: Witango-Talk: Help with witango email action windows  
server 2003

You should be able to allow relay from the IP address of the machine  
and not have to authenticate sender's name. 

On Aug 27, 2005, at 9:53 PM, Rick Sanders wrote:


Hey Dan,

Are you using the SMTP & POP services within 2003 server? If so, the  
SMTP server isn't authenticating the client.

Try turning authentication off, and see if it works. If so, then  
ensure you are sending the full email address as the username, and  
make sure that the box is checked to use the same username / password  
as to receive email.

Also, this email server is excellent, and free! Really good Australian  
folks:
www.mailenable.com

Rick

----- Original Message ----- From: "Dan Stein" <[EMAIL PROTECTED]  
<mailto:[EMAIL PROTECTED]> >
To: <witango-talk@witango.com <mailto:witango-talk@witango.com> >
Sent: Sunday, August 28, 2005 12:35 AM
Subject: Witango-Talk: Help with witango email action windows server  
2003


An invalid From address was specified.
Error addressing email from : 530 5.7.3 Client was not authenticated


I get this message when trying a send mail action

Windows server 2003
Witango 5.5
I have the local host set as relay allowed form that IP address.

Not user what else to do.

Anyone got this working?

Here is what the logs says from the mail server
127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:37, SMTPSVC1, S66048,  
127.0.0.1,
0, 19, 30, 250, 0, HELO, -,  10.234.195.133,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:37, SMTPSVC1, S66048,  
127.0.0.1,
0, 27, 40, 530, 0, MAIL, -,  FROM: <[EMAIL PROTECTED]  
<mailto:[EMAIL PROTECTED]> >,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:37, SMTPSVC1, S66048,  
127.0.0.1,
0, 27, 40, 240, 16, QUIT, -, 10.234.195.133,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:39, SMTPSVC1, S66048,  
127.0.0.1,
0, 19, 30, 250, 0, HELO, -,  10.234.195.133,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:39, SMTPSVC1, S66048,  
127.0.0.1,
0, 27, 40, 530, 0, MAIL, -,  FROM: <[EMAIL PROTECTED]  
<mailto:[EMAIL PROTECTED]> >,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:39, SMTPSVC1, S66048,  
127.0.0.1,
16, 27, 40, 240, 16, QUIT, -, 10.234.195.133,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:42, SMTPSVC1, S66048,  
127.0.0.1,
0, 19, 30, 250, 0, HELO, -,  10.234.195.133,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:42, SMTPSVC1, S66048,  
127.0.0.1,
0, 27, 40, 530, 0, MAIL, -,  FROM: <[EMAIL PROTECTED]  
<mailto:[EMAIL PROTECTED]> >,

127.0.0.1, 10.234.195.133, 8/28/2005, 0:29:42, SMTPSVC1, S66048,  
127.0.0.1,
16, 27, 40, 240, 16, QUIT, -, 10.234.195.133,


Looks like it is rejecting my email address as the from not sure how I  
would
fix that where is that security setting


-- 
Dan Stein
FileMaker 7 Certified Developer
Digital Software Solutions
799 Evergreen Circle
Telford PA 18969
Land: 215-799-0192
Cell: 610-256-2843
Fax 413-410-9682
FMP, WiTango, EDI,SQL 2000, MySQL, CWP
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
www.dss-db.com

"I destroy my enemies when I make them my friends."

Abraham Lincoln




_______________________________________________________________________ 
_
TO UNSUBSCRIBE: Go to http://www.witango..com/developer/maillist.taf  
<http://www.witango.com/developer/maillist.taf>


_______________________________________________________________________ 
_
TO UNSUBSCRIBE: Go to http://www.witango..com/developer/maillist.taf  
<http://www.witango.com/developer/maillist.taf>



Roland A. Dumas
310 W. Bellevue Ave.
San Mateo, CA 94402
650-347-1373
415-412-9300 (cell)
AIM: radumas
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>


_______________________________________________________________________ 
_
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf



 
Roland A. Dumas
310 W. Bellevue Ave.
San Mateo, CA 94402
650-347-1373
415-412-9300 (cell)
AIM: radumas
[EMAIL PROTECTED]

 


_______________________________________________________________________ 
_
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf



--
Dan Stein
FileMaker 7 Certified Developer
Digital Software Solutions
799 Evergreen Circle
Telford PA 18969
Land: 215-799-0192
Cell: 610-256-2843
Fax 413-410-9682
FMP, WiTango, EDI,SQL 2000, MySQL, CWP
[EMAIL PROTECTED]
www.dss-db.com


    "There is a larger frame to the painting than the one that bounds  
our life's events."

________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf