Received-SPF: pass (Last token {+mx} (res=PASS)) client-ip=70.35.205.71; envelope-from=<lyle@lcrcomputer.info>; x-ip-name=ns3.lcrcomputer.net;
X-Received: from ns3.lcrcomputer.net (ns3.lcrcomputer.net [70.35.205.71])
by netwin.co.nz (SurgeMail 7.7d) with ESMTP (TLS) id 6212372-1391920
for <surgemail-list@netwin.co.nz>; Thu, 23 Feb 2023 16:36:48 +0000
X-Return-Path: lyle
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=73.211.210.143; envelope-from=<lyle@lcrcomputer.info>;
X-Received: from mail3.lcrcomputer.net (unverified [73.211.210.143])
by ns3.lcrcomputer.net (SurgeMail 7.6h) with ESMTP (TLS) id 405403-1235687
for <surgemail-list@netwin.co.nz>; Thu, 23 Feb 2023 16:36:44 +0000
X-Return-Path: lyle
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lcrcomputer.info;
s=default; t=1677170204;
bh=AePufGs1a+ezSis0j6BDjugBp46f3A9MB+5JW8OxUcU=;
h=Date:Subject:To:From;
b=e+17MAzXz9FXiscwtCy3Zkh88qx/gLs1vXc3GfuT9xbxGCMMk0oXaSzF9XWpwiLbE
20kb0mcn41DXTqd8A9mobliqo/QjYuU5satrLoI5wzwQE2/o6hBeF5sJqInF/6Tlg9
qwIOZspsYDqnYQKDS0OPf2EO9l/P5k0QgiGRF0g8=
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=192.168.250.160; envelope-from=<lyle@lcrcomputer.info>;
X-Received: from [192.168.250.160] (unverified [192.168.250.160])
by mail3.lcrcomputer.net (SurgeMail 7.6u) with ESMTP (TLS) id 571228-1794114
for <surgemail-list@netwin.co.nz>; Thu, 23 Feb 2023 10:36:43 -0600
X-Return-Path: lyle
Message-ID: <760e1356-0191-0844-64bd-31ecce28d11b@lcrcomputer.info>
Date: Thu, 23 Feb 2023 10:36:43 -0600
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.8.0
Subject: Re: [SurgeMail List] SMTP Auth on smart host
Content-Language: en-US
To: surgemail-list@netwin.co.nz
References: <5ee5ec1d-f00b-f0d5-7765-65ea38ea3283@lcrcomputer.info>
<d941bbca-92fb-e56c-ab80-61ac637ff079@netwin.co.nz>
<cb30c854-8bcc-745a-28d6-2c1858c73e76@lcrcomputer.info>
<5c7ca328-fc18-a0e6-d7d2-e6ae9ef04a3f@netwin.co.nz>
From: Lyle Giese
In-Reply-To: <5c7ca328-fc18-a0e6-d7d2-e6ae9ef04a3f@netwin.co.nz>
Content-Transfer-Encoding: 8bit
X-X-Authenticated-User: lyle@lcrcomputer.com
X-X-Qnum: 405403
X-X-Authenticated-User: auth_admin@ns3.lcrcomputer.net
X-Originating-IP: 70.35.205.71
X-Country: code=US country="United States" ip=70.35.205.71
X-Qnum: 6212372
X-Rcpt-To: <surgemail-list@netwin.co.nz>
X-SpamDetect: *: 1.0 sd=1.0 lv=0.00 nok=16/0 m=12 nf=0 Close 0.04(X-myrbl:Color=white) 0.10(X-SpamContent:clean) 0.90(X-Phrase:isspam) 0.37(X-Verify-Helo:+OK) 0.40(genuine) 0.40(dkimok) 0.41(StandardTLD) 0.42(X-NotAscii:utf) 0.48(spfpass) 0.49(X-LangGuess:English) Saned 5.0 Sval 1.0 bsan 5.0 Moved 5.0->1.0 Sval 1.0
X-NotAscii: charset=utf-8;
X-SpamContent: Clean
X-LangGuess: English
X-Phrase: IsSpam score=1.00
X-Verify-Helo: +OK ns3.lcrcomputer.net
X-Dmarc: none, from=lyle@lcrcomputer.info, dkim=Good known=True spf=True
Authentication-Results: netwin.co.nz header.from=lcrcomputer.info; dkim=pass (good signature)
X-Encryption: SSL encrypted
X-MyRbl: Color=White Age=459 Spam=0 Notspam=0 Stars=0 Good=12 Friend=14 Surbl=0 Catch=0 r=0 ip=70.35.205.71
X-IP-stats: Incoming Outgoing Last 1, First 770, in=632, out=92, spam=0 Known=true ip=70.35.205.71
List-Unsubscribe: <mailto:surgemail-list-leave@netwin.co.nz?subject=unsubscribe>
X-Mailing-List: surgemail-list@netwin.co.nz
List-ID: <surgemail-list@netwin.co.nz>
Precedence: bulk
Reply-To: surgemail-list@netwin.co.nz
From a security standpoint, if we deny a service on port x, why should
the error message tell the other party what port to find that service on?
The user should call their provider if necessary and ask. At least you
have a chance to vet the caller to confirm they need that info.
And besides the normal user using a real email client program will never
see this message anyways.
Thanks,
Lyle Giese
On 2/22/23 14:54, Surgemail Support wrote:
> Currently no.
>
> ChrisP
>
> On 23/02/2023 2:34 am, Lyle Giese wrote:
>> Can I modify this message?
>>
>> 2023-02-21 16:09:36.34:841017088: 530 530 Please use smtp port
>> (xxx5,xxx5) not (25) for email clients (x.x.x.x)
>>
>> I would rather it state, this port(25) is not for client email use.
>> Contact email support for more info(x.x.x.x)
>>
>> Or something along those lines. Primarily to drop the auth ports in
>> the message.
>>
>> Thanks,
>>
>> Lyle Giese
>>
>> On 2/20/23 18:09, Surgemail Support wrote:
>>> You can set:
>>>
>>> g_smtp_portauth "587,465"
>>>
>>> g_smtp_portforce "true"
>>>
>>>
>>> ChrisP.
>>>
>>>
>>>
>>> On 21/02/2023 1:03 pm, Lyle Giese wrote:
>>>> I am running a smart host using the community edition of Surgemail.
>>>> No mailboxes. Simply forwarding inbound and outbound email from my
>>>> servers at home(registered Surgemail servers).
>>>>
>>>> I am getting a lot of Auth attempts via port 25:
>>>>
>>>> 2023-02-20 00:09:24.80:2993407744: 535 Login not permitted domain
>>>> does not exist (payroll@70.35.205.71) (70.35.205.71) 185.254.37.70
>>>> 2023-02-20 00:22:00.18:2996049664: 535 Login not permitted domain
>>>> does not exist (production@70.35.205.71) (70.35.205.71) 185.254.37.70
>>>> 2023-02-20 00:34:35.46:2993407744: 535 Login not permitted domain
>>>> does not exist (program@70.35.205.71) (70.35.205.71) 185.254.37.70
>>>> 2023-02-20 00:47:09.81:2996049664: 535 Login not permitted domain
>>>> does not exist (rafael@70.35.205.71) (70.35.205.71) 185.254.37.70
>>>> 2023-02-20 00:59:45.80:2994464512: 535 Login not permitted domain
>>>> does not exist (reception@70.35.205.71) (70.35.205.71) 185.254.37.70
>>>> 2023-02-20 01:12:31.39:2994464512: 535 Login not permitted domain
>>>> does not exist (remote@70.35.205.71) (70.35.205.71) 185.254.37.70
>>>>
>>>> I did verify the connects are via port 25. I use a different port
>>>> with auth enabled for outbound email from my servers.
>>>>
>>>> Is there a way to disallow auth attempts on port 25? If someone
>>>> tries to authenicate on port 25, drop them.
>>>>
>>>> Thanks,
>>>> Lyle Giese
>>>>
>>>>
>>>
>>
>
|