Authenticated SMTP outbound with Domino?

by Volker Weber

Now this will be interesting. We are trying to save my Domino server from being obsolete.

I will need to send my outbound SMTP mail over relays that require authentication. So far I have been able to send them to open relays but those die quickly. I would also be able to deliver directly but many servers will not accept mail from my lowly domain.

AFAIK there is no option in Domino to send SMTP mail over authenticated sessions. It can only do that inbound. Is that true? If it is I would be interested to learn about a workaround.

Comments

SMTP authentication is for email clients, not servers - servers deliver their own mail or relay it to one that can. Many ISP's down here in NZ offer a mail relay (SMTP Queue) that can be set to accept your IP as part of its local network and hence happily route mail for you.

Otherwise the server needs to do the hard work itself - are things so bad that your server has mail rejected because of your 'lowly' domain? What basis I wonder do they not accept your mail? Thats like reverse ORBZ - not big enough? bugger off! Crazy!

Colin Williams, 2003-02-25

I haven't tried it yet, but in the R5 server document you can set authentication options for outgoing SMTP, including client certificates. Doesn't that work ?

Jan-Piet Mens, 2003-02-25

FWIW, the R6 help explicitly says it works...

Jan-Piet Mens, 2003-02-25

Both my ISP and the SP that hosts my public site will relay mail for me. My mail server however sits behind the wall in my intranet. It is assigned an arbitrary IP address. If I want to relay mail over the SP's SMTP relay I need to authenticate. Domino does not seem to be able to do that.

I find it very disturbing that IBM has the necessary code to do that. It is in the client, which will happily authenticate with any server. They also have a POP retriever, which is also not available in the server. So instead of using their code I need to rely on all sorts of instable third party offerings.

To that end it might be better to move to a different mail server who has all these capabilities. In the end I only need a decent IMAP server with a webmail interface.

Volker Weber, 2003-02-25

No, Jan-Piet, I am pretty sure, it can only do that on inbound connections. If you find a way to do it on outbound connections please send me a screenshot.

Volker Weber, 2003-02-25

Correct me if I am wrong. Server authentification by receiving SMTP servers is done with reverse DNS and a check if that host name and domain name is linked to the IP number.
It doesn't matter if your server is behind a firewall with an internal IP number as the main info is the host and domain name.
I use the services of dyndns.org to get an "official" hostname. With some tools in the SMC Barricade router (or a client software such as DDCient for Linux or Windows) the host name gets regularly the currently assigned IP number by the provider.
The configured the hostname of the domino server to the hostname.dyndns.org. So far no probs.

Moritz Schroeder, 2003-02-25

My host already has a dynamic DNS address that I could use. However, when you reverse DNS a T-Online IP address you will not get the DYNDNS name. Instead you get this: p50817c64.dip.t-dialin.net

Additionally I also WANT to relay my mail via a smarthost. I think I found a workaround for this. This little service will add the SMTP authentication: http://netwinsite.com/dmail/smtpauth.htm. It looks pretty straigtforward.

Volker Weber, 2003-02-25

Colin, there are indeed SMTP servers who can authenticate against other SMTP servers with ASMTP. One example would be the SuSE Linux Open Exchange Server. From the docs:

http://sdb.suse.de/en/sdb/html/rsimai_slox_smtp_auth.html

If anything ever kills my Domino server it would be an offering like this.

Volker Weber, 2003-02-25

Volker, you are right; SMTP auth doesn't work on D6 outgoing.

Jan-Piet Mens, 2003-02-27

Solution is here now.

Volker Weber, 2003-05-02

Thanks for posting this information, it's been very helpful. For those of you running Domino on Linux, see smtpauthprox at http://bent.latency.net/smtpprox/smtpauthprox.

Requirements are perl, smtpprox 1.2, mmencode (usually in metamail package) and sharutils. I got this working for outbound mail via my ISP's relay host, after changing the following line:

if (uc(substr($what, 0, 4)) eq 'HELO') {

to

if (uc(substr($what, 0, 4)) eq 'EHLO') {

since apparently Domino prefers the EHLO command when sending mail.

Matthew Melendy, 2003-12-24

Hey Vowe! Haven't talked to you since Lotusphere! I'm trying to get a hold of Matthew Melendy. I'm trying to use his suggested solution to this 'issue', but keep coming up with problems! I have a Domino server that is running on Red Hat 9.

Ray J. Bilyk (aka The Lion King), 2004-05-25

Recent comments

Matthias König on Scriptable Widget :: Klopapier-Bestand abfragen at 11:22
Ingo Seifert on Bruce Springsteen :: Letter to you at 10:23
Nick Daisley on vivo X51 5G :: Erste Eindrücke at 09:30
Bernd Hofmann on The Queen's Gambit at 23:15
Andreas Imnitzer on The Queen's Gambit at 23:09
Julius Rummich on The Queen's Gambit at 20:42
Stefan Beermann on Visualisierung der Corona-Fallzahlen at 13:43
Thomas Lang on Visualisierung der Corona-Fallzahlen at 11:52
Thomas Kahmann on Wie gut funktioniert ANC bei den Jabra Elite 75t? at 11:12
Volker Weber on Visualisierung der Corona-Fallzahlen at 10:51
Lukas Gerlich on Visualisierung der Corona-Fallzahlen at 10:48
Oliver Regelmann on Wie gut funktioniert ANC bei den Jabra Elite 75t? at 08:42
Jan Wender on Wie gut funktioniert ANC bei den Jabra Elite 75t? at 20:33
Claudius Eßer on Jabra Elite 85t :: Erste Eindrücke at 20:05
Volker Weber on Jabra Elite 85t :: Erste Eindrücke at 19:47
Claudius Eßer on Jabra Elite 85t :: Erste Eindrücke at 19:41
Jochen Kattoll on iPhone 12 Pro :: Völlig neu und doch vertraut at 19:27
Volker Weber on iPhone 12 Pro :: Völlig neu und doch vertraut at 19:24
Volker Weber on Jabra Elite 85t :: Erste Eindrücke at 18:13
Claudius Eßer on Jabra Elite 85t :: Erste Eindrücke at 18:11
Volker Weber on iPhone 12 Pro :: Völlig neu und doch vertraut at 15:38
Jochen Kattoll on iPhone 12 Pro :: Völlig neu und doch vertraut at 15:32
Friedrich Holstein on Wie gut funktioniert ANC bei den Jabra Elite 75t? at 09:36
Oliver Simon on iPhone 12 Pro :: Völlig neu und doch vertraut at 21:34
Michael Jäckel on Wie gut funktioniert ANC bei den Jabra Elite 75t? at 20:52

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 12:47

visitors.gif

Paypal vowe