Group: netwin.surgemail
Subject: Re: [SurgeMail List] Re: Portauth behavior / auth question
Date: Tue, 2 May 2017 14:44:05 -0500

Hello,

Is there a newer surgemail version with this logging behavior fixed?  
Right now we are running:
SurgeMail Version 7.2f-18, Built Jan 28 2017 10:36:33, Platform Linux_64
Key N745262 OK, email=helpdesk@wcta.net, users=10000, flags=48, 
host=surgemail1.wcta.net:216.189.129.120, prod=surgemail active=1370 
updates=2/Sep/2019

-Troy

On 01/30/2017 09:38 PM, surgemail-support wrote:
> Ok, I'll fix that.
>
>     chrisP.
>
>
>
> On 31/01/2017 3:12 p.m., Surgemail wrote:
>> So far, this tests well.  Thank you!
>>
>> I do spot one logging issue.  I'm seeing an awful lot of these in 
>> login_failed.log:
>>
>> 2017-01-30 20:09:13.00:4057122560: 530 530 Please use smtp port (587) 
>> not (25) for email clients
>> 2017-01-30 20:09:15.00:4049438464: 530 530 Please use smtp port (587) 
>> not (25) for email clients
>>
>> It should list the source IP, I think?
>>
>> -Troy
>>
>>
>> On 01/27/2017 03:40 PM, surgemail-support wrote:
>>> We will change it to reject the login attempt, I was gonna say 'no' 
>>> you can't stop the client sending the login attempt, but then I 
>>> realized you mostly can, so we've done that too, here is a new 
>>> binary to test.
>>>
>>>     http://netwinsite.com/ftp/misc/l64.tar.gz
>>>
>>> with:
>>> g_smtp_portauth "587"
>>> g_smtp_portforce "TRUE"
>>>
>>> This is a beta, keep your old surgemail binary just in case :-)
>>>
>>> ChrisP.
>>>
>>>
>>> > I think surge, with this configuration,  should ignore the 
>>> user/pass when authentication is tried and always reject with "554 
>>> Please use smtp port (587) not (25)"
>>>>
>>>> What do you think?
>>>>
>>>> I'd really like the client to not send a user/pass in the clear at 
>>>> all.  Is there some way prohibit the client from even trying?
>>>>
>>>> -Troy
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>



From: surgemail-support <surgemail-support@netwinsite.com>
Date: Wed, 3 May 2017 10:53:24 +1200

This is a multi-part message in MIME format.
--------------B93451EF41ABD4D4F0A23F32
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit

Yes.

http://netwinsite.com/surgemail/betadownloads.htm

ChrisP.



On 3/05/2017 7:44 a.m., surgemail-list@netwinsite.com wrote:
> Hello,
>
> Is there a newer surgemail version with this logging behavior fixed?  
> Right now we are running:
> SurgeMail Version 7.2f-18, Built Jan 28 2017 10:36:33, Platform Linux_64
> Key N745262 OK, email=helpdesk@wcta.net, users=10000, flags=48, 
> host=surgemail1.wcta.net:216.189.129.120, prod=surgemail active=1370 
> updates=2/Sep/2019
>
> -Troy
>
> On 01/30/2017 09:38 PM, surgemail-support wrote:
>> Ok, I'll fix that.
>>
>>     chrisP.
>>
>>
>>
>> On 31/01/2017 3:12 p.m., Surgemail wrote:
>>> So far, this tests well.  Thank you!
>>>
>>> I do spot one logging issue.  I'm seeing an awful lot of these in 
>>> login_failed.log:
>>>
>>> 2017-01-30 20:09:13.00:4057122560: 530 530 Please use smtp port 
>>> (587) not (25) for email clients
>>> 2017-01-30 20:09:15.00:4049438464: 530 530 Please use smtp port 
>>> (587) not (25) for email clients
>>>
>>> It should list the source IP, I think?
>>>
>>> -Troy
>>>
>>>
>>> On 01/27/2017 03:40 PM, surgemail-support wrote:
>>>> We will change it to reject the login attempt, I was gonna say 'no' 
>>>> you can't stop the client sending the login attempt, but then I 
>>>> realized you mostly can, so we've done that too, here is a new 
>>>> binary to test.
>>>>
>>>>     http://netwinsite.com/ftp/misc/l64.tar.gz
>>>>
>>>> with:
>>>> g_smtp_portauth "587"
>>>> g_smtp_portforce "TRUE"
>>>>
>>>> This is a beta, keep your old surgemail binary just in case :-)
>>>>
>>>> ChrisP.
>>>>
>>>>
>>>> > I think surge, with this configuration,  should ignore the 
>>>> user/pass when authentication is tried and always reject with "554 
>>>> Please use smtp port (587) not (25)"
>>>>>
>>>>> What do you think?
>>>>>
>>>>> I'd really like the client to not send a user/pass in the clear at 
>>>>> all.  Is there some way prohibit the client from even trying?
>>>>>
>>>>> -Troy
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>

-- 
I'd really appreciate it if you could take a moment to like us on 
FaceBook <https://www.facebook.com/SurgeMail-194672027239873>, thanks 
heaps! ChrisP.

--------------B93451EF41ABD4D4F0A23F32
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: 8bit

<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <p>Yes.</p>
    <p><a class="moz-txt-link-freetext" href="http://netwinsite.com/surgemail/betadownloads.htm">http://netwinsite.com/surgemail/betadownloads.htm</a></p>
    <p>ChrisP.</p>
    <p><br>
    </p>
    <br>
    <div class="moz-cite-prefix">On 3/05/2017 7:44 a.m.,
      <a class="moz-txt-link-abbreviated" href="mailto:surgemail-list@netwinsite.com">surgemail-list@netwinsite.com</a> wrote:<br>
    </div>
    <blockquote cite="mid:d6373a52-e3cd-d252-1038-0f52c3b349dc@wcta.net"
      type="cite">Hello,
      <br>
      <br>
      Is there a newer surgemail version with this logging behavior
      fixed?  Right now we are running:
      <br>
      SurgeMail Version 7.2f-18, Built Jan 28 2017 10:36:33, Platform
      Linux_64
      <br>
      Key N745262 OK, <a class="moz-txt-link-abbreviated" href="mailto:email=helpdesk@wcta.net">email=helpdesk@wcta.net</a>, users=10000, flags=48,
      host=surgemail1.wcta.net:216.189.129.120, prod=surgemail
      active=1370 updates=2/Sep/2019
      <br>
      <br>
      -Troy
      <br>
      <br>
      On 01/30/2017 09:38 PM, surgemail-support wrote:
      <br>
      <blockquote type="cite">Ok, I'll fix that.
        <br>
        <br>
            chrisP.
        <br>
        <br>
        <br>
        <br>
        On 31/01/2017 3:12 p.m., Surgemail wrote:
        <br>
        <blockquote type="cite">So far, this tests well.  Thank you!
          <br>
          <br>
          I do spot one logging issue.  I'm seeing an awful lot of these
          in login_failed.log:
          <br>
          <br>
          2017-01-30 20:09:13.00:4057122560: 530 530 Please use smtp
          port (587) not (25) for email clients
          <br>
          2017-01-30 20:09:15.00:4049438464: 530 530 Please use smtp
          port (587) not (25) for email clients
          <br>
          <br>
          It should list the source IP, I think?
          <br>
          <br>
          -Troy
          <br>
          <br>
          <br>
          On 01/27/2017 03:40 PM, surgemail-support wrote:
          <br>
          <blockquote type="cite">We will change it to reject the login
            attempt, I was gonna say 'no' you can't stop the client
            sending the login attempt, but then I realized you mostly
            can, so we've done that too, here is a new binary to test.
            <br>
            <br>
                <a class="moz-txt-link-freetext" href="http://netwinsite.com/ftp/misc/l64.tar.gz">http://netwinsite.com/ftp/misc/l64.tar.gz</a>
            <br>
            <br>
            with:
            <br>
            g_smtp_portauth "587"
            <br>
            g_smtp_portforce "TRUE"
            <br>
            <br>
            This is a beta, keep your old surgemail binary just in case
            :-)
            <br>
            <br>
            ChrisP.
            <br>
            <br>
            <br>
            &gt; I think surge, with this configuration,  should ignore
            the user/pass when authentication is tried and always reject
            with "554 Please use smtp port (587) not (25)"
            <br>
            <blockquote type="cite">
              <br>
              What do you think?
              <br>
              <br>
              I'd really like the client to not send a user/pass in the
              clear at all.  Is there some way prohibit the client from
              even trying?
              <br>
              <br>
              -Troy
              <br>
              <br>
              <br>
              <br>
              <br>
              <br>
            </blockquote>
            <br>
            <br>
          </blockquote>
          <br>
          <br>
        </blockquote>
        <br>
        <br>
      </blockquote>
      <br>
      <br>
    </blockquote>
    <br>
    <div class="moz-signature">-- <br>
      I'd really appreciate it if you could take a moment to <a
        href="https://www.facebook.com/SurgeMail-194672027239873">
        like us on FaceBook</a>, thanks heaps! ChrisP.
    </div>
  </body>
</html>

--------------B93451EF41ABD4D4F0A23F32--