Have you ever experienced SMTP authentication behaving in a strange, weird and unexpected manner? The intention of this article is to shed some light on a few mysteries surrounding SMTP authentication. I can’t help wondering how successful I will end up being at revealing those secrets.

Have you ever come across issues like people complaining that outgoing emails stopped working for no reason? You tell them to enable SMTP authentication in their email client, and they come back asking ‘why has it been working till now without enabling it?’, leaving you wondering how this could possibly have happened!

Or, while dealing with spam issues, have you seen emails relaying through the server when you’re 100% sure that open relay is disabled on the server?

In order to understand this, you should have some idea about what is happening behind the scenes. Have you ever tried this:

  1. Configure your email client with SMTP Authentication enabled.
  2. Send an email.
  3. Disable SMTP Authentication.
  4. Now try sending a mail again.

What do you think? Will you be able to send the mail? If I say YES, I’m sure it will take you by surprise. It surprised me too.

Let me try to explain this, assuming the email server is Exim. By default, Exim already has outgoing mail server authentication in place. A lot of folks are confused at first because Exim has two ways of handling outgoing mail authentication.

When someone successfully checks their mail, Exim writes their IP and email address to files called /etc/relayhosts and /etc/relayhostsusers. These files are cleared every 30 minutes. If, during that period, you were to uncheck the “My outgoing mail server requires authentication” option in your email client and try to send mail through the server, it would go through, because you were already “authenticated” when you checked mail (this is in essence POP-before-SMTP authentication).

Don’t take my word for it; try it yourself in your email client NOW.

Having said that, what will happen if I try to relay emails via my mail server from the same computer where I have configured my email client with SMTP authentication ON? It doesn’t take much effort to see that the mail server should allow this, as the IP address was already added to /etc/relayhosts while configuring the email client. NO MORE SURPRISES if you have understood the first part. Many folks might think outgoing mail authentication is not active when in fact it is!
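A defender's check for the behaviour described above, as an added example rather than code from the original article: it scans Exim main-log arrival lines for mail relayed to outside domains without SMTP AUTH from an IP listed in /etc/relayhosts. The log lines, addresses, local domain and the one-IP-per-line relayhosts layout are constructed assumptions, and the `for` recipients are only logged when Exim's `received_recipients` log selector is on.

```python
import re

# Constructed sample data (documentation address ranges), not real logs.
RELAYHOSTS = """203.0.113.5
198.51.100.7
"""
LOCAL_DOMAINS = {"example.com"}  # assumption: domains this server hosts
MAINLOG = """\
2024-05-01 10:00:01 1s1AAA-0000aa-01 <= alice@example.com H=(laptop) [203.0.113.5] P=esmtpsa A=dovecot_login:alice@example.com S=812 for bob@example.net
2024-05-01 10:05:42 1s1AAB-0000ab-02 <= alice@example.com H=(laptop) [203.0.113.5] P=esmtps S=790 for bob@example.net
2024-05-01 10:06:10 1s1AAC-0000ac-03 <= carol@example.org H=mx.example.org [192.0.2.25] P=esmtps S=1501 for alice@example.com
2024-05-01 10:07:00 1s1AAD-0000ad-04 <= root@example.com U=root P=local S=400 for alice@example.com
"""

# "<=" marks a message arrival in Exim's main log.
ARRIVAL = re.compile(r"^(\S+ \S+) (\S+) <= (\S+) (.*)$")
HOST_IP = re.compile(r"\[([0-9A-Fa-f.:]+)\]")
AUTH_FIELD = re.compile(r"(^| )A=")  # present only when SMTP AUTH was used


def pop_before_smtp_relays(log_text, relayhosts_text, local_domains):
    """Return (message_id, ip, outside_recipients) for mail relayed
    without SMTP AUTH from an IP found in the relayhosts list."""
    trusted = {ln.strip() for ln in relayhosts_text.splitlines() if ln.strip()}
    hits = []
    for line in log_text.splitlines():
        m = ARRIVAL.match(line)
        if not m:
            continue
        msg_id, rest = m.group(2), m.group(4)
        fields, _, rcpts = rest.partition(" for ")
        ip = HOST_IP.search(fields)
        if ip is None or AUTH_FIELD.search(fields):
            continue  # local submission, or the client authenticated
        outside = [r for r in rcpts.split()
                   if r.rpartition("@")[2].lower() not in local_domains]
        # Unauthenticated + outside recipient + listed IP = POP-before-SMTP relay
        if outside and ip.group(1) in trusted:
            hits.append((msg_id, ip.group(1), outside))
    return hits


if __name__ == "__main__":
    for hit in pop_before_smtp_relays(MAINLOG, RELAYHOSTS, LOCAL_DOMAINS):
        print(hit)
```

On the sample data only the second message is reported: the first used SMTP AUTH, the third is ordinary inbound mail for a local domain, and the fourth was submitted locally.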

Another easy way (or hard way 🙂 ) of knowing that SMTP Auth is enabled (or open relay is disabled) on your server is that the IP isn’t listed in any of the real-time blacklists. Spammers do regular scans, and an unprotected server will be found in less than a few hours and then listed shortly thereafter in online RBLs. If you’re not listed, you’re almost certainly already protected by SMTP Auth. Simple, I know, but the logic is inescapable.

All control panels (cPanel, Plesk, DirectAdmin etc.) are distributed with the requirement for SMTP Auth (or POP-before-SMTP) before relaying turned on. That is, the default is to have SMTP Auth enabled already, so nothing needs to be done.

Remember, servers without relaying protection would be found and exploited in a matter of minutes these days by the many scanners searching for open relays.

Hope you enjoyed reading!!! 🙂

