So far, this tests well.  Thank you!

I do spot one logging issue.  I'm seeing an awful lot of these in 
login_failed.log:

2017-01-30 20:09:13.00:4057122560: 530 530 Please use smtp port (587) 
not (25) for email clients
2017-01-30 20:09:15.00:4049438464: 530 530 Please use smtp port (587) 
not (25) for email clients

It should list the source IP, I think?

-Troy


On 01/27/2017 03:40 PM, surgemail-support wrote:
> We will change it to reject the login attempt, I was gonna say 'no' 
> you can't stop the client sending the login attempt, but then I 
> realized you mostly can, so we've done that too, here is a new binary 
> to test.
>
>     http://netwinsite.com/ftp/misc/l64.tar.gz
>
> with:
> g_smtp_portauth "587"
> g_smtp_portforce "TRUE"
>
> This is a beta, keep your old surgemail binary just in case :-)
>
> ChrisP.
>
>
> > I think surge, with this configuration,  should ignore the user/pass 
> when authentication is tried and always reject with "554 Please use 
> smtp port (587) not (25)"
>>
>> What do you think?
>>
>> I'd really like the client to not send a user/pass in the clear at 
>> all.  Is there some way prohibit the client from even trying?
>>
>> -Troy
>>
>>
>>
>>
>>
>
>