SMTP AUTH

SMTP AUTH SearchSearch
NowSMS Support Forums ⬆
NowSMS Support - MMS & Advanced Issues ⬆
Archive through July 14, 2004 ⬆
   
Author Message
Anonymous
 
Posted on Saturday, March 06, 2004 - 02:23 am:   
I am testing ver 5.01 and found a strange problem.
If I enable "Require AUTH" I can not anymore sne messages to user@mms.domain.com, it needs SMTP AUTH which doesn't make sens for global internet use. If I disable this feature then anyone can send +number@sms.domain.com without SMTP authentication which is very insecure, pluse doesn't allow any kind of billing. I believe the AUTH setup should not be global and should always be required for buld SMS sending and should be optional for SMTP->MMS sending.
Please advise
Wojtek
Bryce Norwood - NowSMS Support
Board Administrator
Username: Bryce

Post Number: 2029
Registered: 10-2002
Posted on Tuesday, March 09, 2004 - 07:58 pm:   
Hi Wojtek,

I'm sorry, but I don't understand your question.

quote:

If I enable "Require AUTH" I can not anymore sne messages to user@mms.domain.com, it needs SMTP AUTH which doesn't make sens for global internet use.



Correct. This setting is performing as it is supposed to. It is for use in environments where only properly configured clients connecting with SMTP AUTH can submit messages.

quote:

f I disable this feature then anyone can send +number@sms.domain.com without SMTP authentication which is very insecure, pluse doesn't allow any kind of billing.



That is not normal behaviour. Did you edit MMSC.INI to add an "SmtpIPAddressList=" parameter? That is the only explanation that I could see for this type of behaviour. (See http://support.nowsms.com/discus/messages/1/460.html for a description of that parameter.)

Let me explain how the SMTP AUTH logic should work.

1.) If "SMTPIPAddressList" setting is present, any messages from the specified IP addresses will be accepted without requiring any AUTH.

2.) If "Require AUTH" is checked, then excepting #1 above, no messages will be accepted unless the client authenticates with SMTP AUTH.

3.) If "Require AUTH" is not checked, then messages will be accepted for alias@mms/sms.domain.name or phonenumber@mms/sms.domain.name, where the "alias" or "phonenumber" is defined in the "MMSC Users" list.

4.) Excepting any of the above conditions, any messages addressed to phonenumber@mms/sms.domain.name, where phonenumber is not associated with a user defined in the "MMSC Users" list will not be accepted without SMTP AUTH.

-bn
Anonymous
 
Posted on Wednesday, March 10, 2004 - 02:54 am:   
I understand now.
SO, in summary; Under normal circumstances one would not use SMTP AUTH if want to provide MMS-SMTP gateway, but if smtp->sms is required then IP range should be limited.
Am I correct?
Thanks,
Wojtek
Bryce Norwood - NowSMS Support
Board Administrator
Username: Bryce

Post Number: 2063
Registered: 10-2002
Posted on Wednesday, March 10, 2004 - 04:42 pm:   
quote:

SO, in summary; Under normal circumstances one would not use SMTP AUTH if want to provide MMS-SMTP gateway, but if smtp->sms is required then IP range should be limited.
Am I correct?



Hi Wotjek,

It depends on what you're trying to accomplish. The limited IP range does seem to work best for most users.

-bn
Search Search Search Last 30 Days Login / Register Logout

NowSMS Technical Bulletins
Read more