search

haraka / Haraka

A fast, highly extensible, and event driven SMTP server
https://haraka.github.io
MIT License
5.02k stars 662 forks source link

Authentication required when using TLS #1909

Closed chasent closed 7 years ago

chasent commented 7 years ago

Currently in connection.js, there exists the following block of code:

    // Require authentication on connections to port 587 & 465
    if (!this.relaying && [587,465].indexOf(this.local.port) !== -1) {
        this.errors++;
        return this.respond(550, 'Authentication required');
    }

This block is run during the MAIL command (before the plugin hook). Is this necessary? I have a plugin that authorises users based on their IP address and MAIL FROM that doesn't work on TLS, but is fine when used in plaintext.

Dexus commented 7 years ago

Hi use a plugin that is start very early and set based on your IP verification the connection.relaying=true. And you should be able to send without authentication.

EDIT: http://haraka.github.io/manual/Plugins.html

chasent commented 7 years ago

@Dexus thanks for the response. I would prefer to not set the connection.relaying=true at all as these emails are to be stored on disk for further processing, not relayed. For the moment I have this block of code removed in my testing environment as it seems somewhat arbitrary that port 25 is allowed.

chasent commented 7 years ago

Duplicate of #1873