Unauthenticated SMTP Servers

Forums › Microsoft Windows › Unauthenticated SMTP Servers

gehenna

8520 posts

Uber Geek

Moderator

Trusted

Lifetime subscriber

#111328 30-Oct-2012 16:16

Just curious how people are dealing with the problem of mail enabled applciations and devices once an Exchange Server is removed from an organisation, whether that be because they get their Exchange service hosted somewhere, or they've moved to Office 365....

I know some ISP's allow for SMTP relaying and authenticate against the external IP of the connection, and I know Office 365 can be used as an SMTP relay if you can enter some credentials,

But what about those apps and devices that would never have used authentication of any type: scan to email, mail enabled software, etc...

How are people dealing with that issue?

Zeon

3918 posts

Uber Geek

Trusted

#709247 30-Oct-2012 16:21

Most apps generally support authentication. If they don't time for a new app i think :) - its pretty basic.

Speedtest 2019-10-14

gehenna

8520 posts

Uber Geek

Moderator

Trusted

Lifetime subscriber

#709249 30-Oct-2012 16:28

Not an option.

So the question remains....

Also to clarify, mostly there won't be a server left on-site to set up an internal smtp relay, so that option is out too.

I'm just curious how other companies are managing this situation, it can't be isolated.

trig42

5816 posts

Uber Geek

ID Verified

#709266 30-Oct-2012 16:46

Setup an email address with your ISP? eg scanner@ispname.co.nz, then setup that email address to forward to the domain address, or change the REPLYTO on the ISPs email?

gehenna

8520 posts

Uber Geek

Moderator

Trusted

Lifetime subscriber

#709278 30-Oct-2012 16:52

trig42: Setup an email address with your ISP? eg scanner@ispname.co.nz, then setup that email address to forward to the domain address, or change the REPLYTO on the ISPs email?

Not sure what you're getting at....I need to be able to make an internal application (MFC printer for example) use scan-to-email where the SMTP server has been removed internally.

Ideally we would use authentication where possible, just trying to deal with the caveats.

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#709288 30-Oct-2012 17:05

Hi, I have a number of Brother printers (low and high end models) that report to me via email and scan to email, under the advanced options there is the ability to authenticate, I just used a general gmail account that we use for other purposes to authenticate and use gmails SMTP servers to send by.

Cyril

DonGould

3892 posts

Uber Geek

#709292 30-Oct-2012 17:11

If I understand the question correctly, then just us a vpn tunnel to bring traffic to your own smtp server in your own network that lets you accept unauthenticated traffic from known hosts.

Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

Jax

92 posts

Master Geek

#709298 30-Oct-2012 17:21

yep this is a problem.

If there is a server left onsite, then you can setup IIS as an SMTP relay with the right settings.
Failing that easiest to use ISP SMTP Server. I also looked to use something like Gmail but as I understand it, it re-stamps the from field or something like that

http://www.configureoffice365.com/configure-office-365-smtp-relay/

Sharesies

Trade NZ and US shares and funds with Sharesies (affiliate link).

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#709300 30-Oct-2012 17:24

hi, if you verify the corporate account with the gmail account and set it as the default then I am pretty sure it will appear as the corporate address, you will need to test, for my applications it has not been an issue, but I can understand you concern.

Cyril

clinty

1183 posts

Uber Geek

Lifetime subscriber

#709355 30-Oct-2012 18:44

Jax: yep this is a problem.

If there is a server left onsite, then you can setup IIS as an SMTP relay with the right settings.

+1

If there is still a Server 2003, 2008, 2012 onsite you can add the virtual SMTP server role (part of IIS). It becomes very easy to setup via an MMC plugin. You can restrict to certain IP addresses and use other restrictions to mitigate the chance of a spam bot using it. We use this for a voice mail system within a school that won't do authentication properly.

www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/e4cf06f5-9a36-474b-ba78-3f287a2b88f2.mspx?mfr=true

Note with IIS 7, you have to enable the SMTP service then use the IIS 6 manager to manage it, as the IIS 7 management console does not include the SMTP manager

Clint

gehenna

8520 posts

Uber Geek

Moderator

Trusted

Lifetime subscriber

#709664 31-Oct-2012 08:47

Thanks for the feedback. The scenario I'm looking at is that there'll be no server left on site to perform any of the mentioned functions. Just workstations in a workgroup. We're talking about less than 10 user sites that are up for replacing a server and don't want to spend the money on hardware.

DonGould

3892 posts

Uber Geek

#709670 31-Oct-2012 08:54

gehenna: Thanks for the feedback. The scenario I'm looking at is that there'll be no server left on site to perform any of the mentioned functions. Just workstations in a workgroup. We're talking about less than 10 user sites that are up for replacing a server and don't want to spend the money on hardware.

I presented a solution that didn't involve any servers on site. Is the whole business not going to have any sort of infrastructure at all?

My solution could be run off a VPS that you can get from the US for $10 a month.

Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

gehenna

8520 posts

Uber Geek

Moderator

Trusted

Lifetime subscriber

#709671 31-Oct-2012 09:01

DonGould:
gehenna: Thanks for the feedback. The scenario I'm looking at is that there'll be no server left on site to perform any of the mentioned functions. Just workstations in a workgroup. We're talking about less than 10 user sites that are up for replacing a server and don't want to spend the money on hardware.

I presented a solution that didn't involve any servers on site. Is the whole business not going to have any sort of infrastructure at all?

My solution could be run off a VPS that you can get from the US for $10 a month.

Yep I was responding to the other posts regarding on-site infrastructure.