Hello,
Is there a newer surgemail version with this logging behavior fixed?
Right now we are running:
SurgeMail Version 7.2f-18, Built Jan 28 2017 10:36:33, Platform Linux_64
Key N745262 OK, emailHIDDEN@sk@wcta.net, users=10000, flags=48,
host=surgemail1.wcta.net:216.189.129.120, prod=surgemail active=1370
updates=2/Sep/2019
-Troy
On 01/30/2017 09:38 PM, surgemail-support wrote:
> Ok, I'll fix that.
>
> chrisP.
>
>
>
> On 31/01/2017 3:12 p.m., Surgemail wrote:
>> So far, this tests well. Thank you!
>>
>> I do spot one logging issue. I'm seeing an awful lot of these in
>> login_failed.log:
>>
>> 2017-01-30 20:09:13.00:4057122560: 530 530 Please use smtp port (587)
>> not (25) for email clients
>> 2017-01-30 20:09:15.00:4049438464: 530 530 Please use smtp port (587)
>> not (25) for email clients
>>
>> It should list the source IP, I think?
>>
>> -Troy
>>
>>
>> On 01/27/2017 03:40 PM, surgemail-support wrote:
>>> We will change it to reject the login attempt, I was gonna say 'no'
>>> you can't stop the client sending the login attempt, but then I
>>> realized you mostly can, so we've done that too, here is a new
>>> binary to test.
>>>
>>> http://netwinsite.com/ftp/misc/l64.tar.gz
>>>
>>> with:
>>> g_smtp_portauth "587"
>>> g_smtp_portforce "TRUE"
>>>
>>> This is a beta, keep your old surgemail binary just in case :-)
>>>
>>> ChrisP.
>>>
>>>
>>> > I think surge, with this configuration, should ignore the
>>> user/pass when authentication is tried and always reject with "554
>>> Please use smtp port (587) not (25)"
>>>>
>>>> What do you think?
>>>>
>>>> I'd really like the client to not send a user/pass in the clear at
>>>> all. Is there some way prohibit the client from even trying?
>>>>
>>>> -Troy
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
|
