Topic: Enable relay for specific host

[sirconna]

Hello

I've been using SME now for about 1 year and currently install it at all my customers. Excellent product.

Now I've run into a snag regarding relaying. It is disabled (whic is what I want), SMTP, POP & IMAP are all secure and authentication required. I want it like that and install and configure all my mail server like that.

Problem: they have a telephone monitoring system, which mails "tele support company" on a daily basis with reports about usage etc. I installed the mail server in December (chucked the old one out); everything is fine, except for these reports.

I don't want to open relaying, nor do I want to disable authentication, nor do I want to go back to the standard protocols; I want it all secure.

How can I enable relaying for just this device's IP address.

If there is no easy solution I'm just going to tell "tele company" to find a solution for their product, so that they can enter a userrname & password.

Any ideas much appreciated.

[axessit]

If tele company can change the user the report gets sent to easily, you may be able to get sent to a local user (create one) then use the mail forwarder feature. Alternately, get tele company to change their system to use your ISP's smtp server rather than the SME, and disable mail proxy (in SME server-manager Security->Proxy Settings).

I think you can send email on local network to local users without authentication.

You may run into other problems too, like the email not being correctly formatted (no date headers). I had a photocopier with a scan to email option and went down a path trying to resolve it as the email headers weren't accepted by the new SME server, but the old M$ exchange didn't care. To cut a long story short, I ended up configuring the ISP SMTP for the copier. Now it takes about 15 minutes for the scan to get to the local user's email box, as it's routed by the ISP instead of just being local.

[CharlieBrady]

I think you can send email on local network to local users without authentication.

You can send email to local users without authentication from any network, local or remote. It's how standard email works.

[sirconna]

Hallo again

I've now tried every which way...

What I did not mention before, was this:
The telecom system sends performance reports to external addresses, NOT to the internal domain space. And that is working as it should. But the sending of their reports to their email addresses at an external domain name, does not work. I thus need to enable "external relay access" for only the monitoring PC, which is on the internal LAN (it  is alos used by an employee to do normal work related tasks) to be able to send emails to external addresses.

Here is the only "SMTP Config" with regards to the program/functionality in question; I cannot add any authentication settings etc. The program just sends to the internal mail server IP on port 25. That's it... Pretty archaic program if you ask me, but it got the job done before...

===============================
ReportsPath = C:\Galactrix\Reports

[Mail]
SMTPServer = mailserver.domain.name OR IP.address
SMTPSender = Telecom program Internally Defined Description for Sender "friendly" name
SMTPAddress = xxxxx@xxxxx.com.xxx (email addr defined in "Users" space on SMEServer)
SMTPUser = xxxxx (user account defined on SMEServer)
SMTPPass = xxxxxxxx (valid password)

[Config]
===============================

Please tell me, someone has an answer?

Thanks in advance

[mmccarn]

It looks like you can allow open smtp relay for one host as follows (replace a.b.c.d with the LAN ip of the workstation running the monitoring app):

Code: [Select]

mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/relayclients
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/relayclients
echo 'a.b.c.d' > 10CustomAllowRelay
signal-event email-update

However, you'll be more secure if you create an alias on your SME server that forwards to the vendor's mailbox, then reconfigure the app to send alerts to the SME alias.  Or, reconfigure the app to use the vendor's SMTP server instead of your SME (and disable the SMTP proxy on your SME if it is currently enabled)

[sirconna]

Hi

Thanks for the help... I'll give the alias a try first, then if all else fails...

Much appreciated.