cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1219
Views
5
Helpful
1
Replies

Vendor to send email requires username/password

Doug Maxfield
Level 1
Level 1

Good Morning,

I have a VESA on our internal network that doesn't require a username/password to send emails to it.  Never had any issues.  Have a new vendor product that sends email notifications and in their configuration, they say they require a username/password in their setup.  Is there a way to set something up for this vendor with a username/password but allow all of the existing configurations to continue to send without a username/password?

Any help is appreciated.

 

Thanks!!

Doug

1 Accepted Solution

Accepted Solutions

Yes...
Create a user in your AD that is in no actually used groups... create a "SMTPAuthOnly" group, add this user to it, set this users primary group to SMTPAuthOnly, remove it from Domain Users.
Go to System Administration/LDAP, and set up the SMTP auth query in your LDAP to only find this user.
Under Network/SMTP Authentication, set up a profile, pointed at your AD LDAP, and using the SMTP auth query. For the allowance query (eg, who can actually use this connector) you can use something like
(&(sAMAccountName={u})(memberOf=SMTPAuthOnly,OU=Groups,OU=IT,DC=ad,DC=DougsCompany,DC=com))
Set up a new listener. You can set it up on a new ip, or on current IP, but new port. On the Listener, you set the SMTP Authentication profile.
Set up the sender group to be only the IPS you need to allow this from, and with whatever mail flow policy you'll need, and deny any other ips access.
Test...

We had to expose this as a relay to a cloud service, so we firewalled it to the known sending IPs, along with the sender group limits... so we're covered twice..

View solution in original post

1 Reply 1

Yes...
Create a user in your AD that is in no actually used groups... create a "SMTPAuthOnly" group, add this user to it, set this users primary group to SMTPAuthOnly, remove it from Domain Users.
Go to System Administration/LDAP, and set up the SMTP auth query in your LDAP to only find this user.
Under Network/SMTP Authentication, set up a profile, pointed at your AD LDAP, and using the SMTP auth query. For the allowance query (eg, who can actually use this connector) you can use something like
(&(sAMAccountName={u})(memberOf=SMTPAuthOnly,OU=Groups,OU=IT,DC=ad,DC=DougsCompany,DC=com))
Set up a new listener. You can set it up on a new ip, or on current IP, but new port. On the Listener, you set the SMTP Authentication profile.
Set up the sender group to be only the IPS you need to allow this from, and with whatever mail flow policy you'll need, and deny any other ips access.
Test...

We had to expose this as a relay to a cloud service, so we firewalled it to the known sending IPs, along with the sender group limits... so we're covered twice..
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: