Howto:Configure Faxserver to accept SMTP without authentication: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
VisualWikitext
m New page: ==Applies To== This information applies to *innovaphone Faxserver <!-- Keywords: Fax Server e-mail mail email smtp authentification password --> ==More Information== ===Problem Detai...
 
No edit summary
 
(7 intermediate revisions by 3 users not shown)
Line 1: Line 1:
'''This article is obsolete.''' The function ''SMTP without authentication'' is included in the Fax server application version V10 SR13 or later. See also [[Reference10:Concept Faxserver#Authorized Hosts | Authorized Hosts in Reference10:Concept Faxserver]].
==Applies To==
==Applies To==


This information applies to
This information applies to


*innovaphone Faxserver
*innovaphone Faxserver (till version 10 SR12)


<!-- Keywords: Fax Server e-mail mail email smtp authentification password  -->
== Security Alert ==
The innovaphone Faxserver accepts incoming SMTP connections only with authentication due to security reasons. The solution described here is '''not recommended''' by innovaphone.
If this setting is changed as described in this article, it is ''possible to send fax messages using your fax server to any destination for anybody, who can reach the Faxserver via IP''.
===Use an SMTP-Client on Users PC===
Instead, you may consider to set-up your user PCs so that they send outgoing faxes directly to the fax server via authenticated SMTP.
Usually E-Mail client applications, like Mozilla Thunderbird or Microsoft Outlook, are able to send E-Mails via SMTP with authentication. In Thunderbird it is possible to add an additional SMTP Server, and in Outlook an additional Mail Account pointing to the Faxserver as SMTP Server.


<!-- Keywords: Fax Server e-mail mail email smtp authentification password  -->
==More Information==
==More Information==
===Problem Details===
===Problem Details===
The innovaphone Faxserver accepts incoming SMTP connections only with authentication due security reasons. It is '''not recommended''' to change this setting, otherwise it is possible to send fax messages to any numbers for anybody, who can reach the Faxserver via IP.
In cases it is not possible to configure outgoing SMTP authentication on the E-Mail server, following possible solutions are available:
 
In cases it is not possible to configure outgoing SMTP authentication on the E-Mail server and your Faxserver is operation in a secured network, it is possible to change settings on the Linux AP hosting the Faxserver in order no SMTP authentication is required for inbound connections.


===Configuration===
* Use a local E-Mail client like Mozilla Thunderbird or Microsoft Outlook to send Fax E-Mails directly to the Faxserver using SMTP Authentication
* In case your Faxserver is operating in a secured network, it is possible to change settings on the Linux AP hosting the Faxserver in order no SMTP authentication is required for inbound connections.


===Configuration with disabled Authentication===
At the moment only manual change of the configuration files on Linux is possible to disable SMTP Authentication:
At the moment only manual change of the configuration files on Linux is possible to disable SMTP Authentication:


For the first you have to put the IP address of the SMTP server under <code>/etc/postfix/main.cf</code>:
For the first you have to put the IP address of the SMTP server under <code>/etc/postfix/main.cf</code>:
Line 23: Line 31:
  mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.31.9.10
  mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.31.9.10


E.g. 172.31.9.10at the end of the line is my SMTP server.
E.g. 172.31.9.10 at the end of the line is my SMTP server.
 
 


The second file to change is <code>/var/mail/vhosts/catchall.faxserver/.dovecot.sieve</code>
The second file to change is <code>/var/mail/vhosts/catchall.faxserver/.dovecot.sieve</code>


The original file contains:
The original file contains:
Line 40: Line 45:
  }
  }


 
The line with "discard;" must be changed to "redirect "default@redirected.faxserver"; stop;", like this:
 
The line with "discard;" must be changed to "redirect "default@redirected.faxserver"; stop;" , like this:


  require ["variables"];
  require ["variables"];
Line 52: Line 55:
  }
  }


It is important to match "default" with the User of the Mail Configuration of the Faxserver. So the Name of the SMTP User is used in this example was "default".


It is important to match "default" with the User of the Mail Configuration of the Faxserver. So the Name of the SMTP User is used in this example was "default".
To apply the changes reload the config by restarting the postfix service:


postfix stop
postfix start


== Related Articles ==
== Related Articles ==

Latest revision as of 11:02, 16 January 2017

This article is obsolete. The function SMTP without authentication is included in the Fax server application version V10 SR13 or later. See also Authorized Hosts in Reference10:Concept Faxserver.

Applies To

This information applies to

  • innovaphone Faxserver (till version 10 SR12)

Security Alert

The innovaphone Faxserver accepts incoming SMTP connections only with authentication due to security reasons. The solution described here is not recommended by innovaphone.

If this setting is changed as described in this article, it is possible to send fax messages using your fax server to any destination for anybody, who can reach the Faxserver via IP.

Use an SMTP-Client on Users PC

Instead, you may consider to set-up your user PCs so that they send outgoing faxes directly to the fax server via authenticated SMTP.

Usually E-Mail client applications, like Mozilla Thunderbird or Microsoft Outlook, are able to send E-Mails via SMTP with authentication. In Thunderbird it is possible to add an additional SMTP Server, and in Outlook an additional Mail Account pointing to the Faxserver as SMTP Server.

More Information

Problem Details

In cases it is not possible to configure outgoing SMTP authentication on the E-Mail server, following possible solutions are available:

  • Use a local E-Mail client like Mozilla Thunderbird or Microsoft Outlook to send Fax E-Mails directly to the Faxserver using SMTP Authentication
  • In case your Faxserver is operating in a secured network, it is possible to change settings on the Linux AP hosting the Faxserver in order no SMTP authentication is required for inbound connections.

Configuration with disabled Authentication

At the moment only manual change of the configuration files on Linux is possible to disable SMTP Authentication:

For the first you have to put the IP address of the SMTP server under /etc/postfix/main.cf: 

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.31.9.10

E.g. 172.31.9.10 at the end of the line is my SMTP server.

The second file to change is /var/mail/vhosts/catchall.faxserver/.dovecot.sieve

The original file contains: 

require ["variables"];

if header :matches "Received" "*(Authenticated sender: *)*" {
        redirect "${2}@redirected.faxserver"; stop;
} else {
        discard;
}

The line with "discard;" must be changed to "redirect "default@redirected.faxserver"; stop;", like this: 

require ["variables"];

if header :matches "Received" "*(Authenticated sender: *)*" {
        redirect "${2}@redirected.faxserver"; stop;
} else {
        redirect "default@redirected.faxserver"; stop;
}

It is important to match "default" with the User of the Mail Configuration of the Faxserver. So the Name of the SMTP User is used in this example was "default".

To apply the changes reload the config by restarting the postfix service: 

postfix stop
postfix start

Related Articles

Retrieved from "https://wiki.innovaphone.com/index.php?title=Howto:Configure_Faxserver_to_accept_SMTP_without_authentication&oldid=45536"