Print Page | Close Window

SMTP Auth

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7156
Printed Date: 27 December 2024 at 4:59pm


Topic: SMTP Auth
Posted By: yapadu
Subject: SMTP Auth
Date Posted: 10 June 2018 at 7:34am
Is there any INI setting to disable SpamFilter from announcing SMTP Auth?  We don't have any users sending mail through our server with authentication.

Some PCI compliance guys are making noises that our server is advertising SMTP Auth, since we don't use it we might as well just stop announcing it.


-------------
--------------------------------------------------------------
I am a user of SF, not an employee. Use any advice offered at your own risk.



Replies:
Posted By: LogSat
Date Posted: 10 June 2018 at 8:28am
Uhm.. we're actually going to classify thit as a bug - if SpamFilter is not configured to use authentication, then your PCI guys are right - we should not advertise it being available.

We should be able to have a patch ready within the next 24/48 hours.


-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP


Posted By: LogSat
Date Posted: 12 June 2018 at 8:36pm
Yapadu,

FYI a patched build (v4.7.4.250) is now available for download in the registered user area. Thanks for the report!


-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP


Posted By: mmmctune
Date Posted: 11 July 2018 at 8:33am
Running v4.7.4.250, still seeing these - 07/11/18 07:25:19:033 -- (40641232) User failed AUTH LOGIN:
Did I miss a setting? user Authentication is set to none.


Posted By: LogSat
Date Posted: 11 July 2018 at 1:40pm
If authentication is disabled in SpamFilter, then SpamFilter will not advertise that it supports authentication in the EHLO response. Per RFC, this should prevent clients from attempting to authenticate.

If a hacker tries to authenticate anyways... SpamFilter is simply sending to NULL the username/password and will simply ignore the auth request (but we are logging the attempted username/password in the logs so admins can see what the hacker is trying to do...). 


-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP


Posted By: mmmctune
Date Posted: 11 July 2018 at 2:06pm
OK, thanks.


Posted By: dspan824
Date Posted: 13 September 2018 at 12:19pm
My mail Server requires Authentication - I am not using SSL or TLS - How do I Pass this through the spam filter to the Server  The Log entry is:  User failed AUTH LOGIN: my IP Address 

Any help would be Appreciated


-------------
Dan Spangler


Posted By: LogSat
Date Posted: 13 September 2018 at 10:09pm
dspan824,

As mentioned in the support email, the issue is likely caused by this bug that is fixed in the licensed version of SpamFilter but that has not been added to the eval version yet: 

// New to VersionNumber = '4.7.4.250';

{TODO -cFix : Outbound TLS connections were only being made with TLS 1.0, even if TLS 1.1 and TLS 1.2 were configured and in use correctly for inbound emails}

{TODO -cFix : Due to a regression error since v4.5, the AUTH LOGIN appeared in the welcome banner even if authentication was disabled in SpamFilter

We provided a workaround earlier today, but please feel free to contact again either via our support email or via the forum if you need us to assist further!



-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP



Print Page | Close Window