I have a client who's got one user having problems with succesfully sending e-mail through our server. We use SMTP AUTH to prevent relaying, and this particular user moves around a lot, so putting his IP address into a whitelist isn't practical.
I've done some packet captures to see exactly what's happening, and I've determined that his e-mail client (Outlook XP, version 10.4712.4219) is authenticating OK, but then it's issuing a RSET command, which causes it to lose the authentication.
Here's the general sequence when he's sending:
EHLO (machinename)
AUTH LOGIN
(auth line one)
(auth line two)
RSET
MAIL FROM:<user>
RCPT TO:<recipient>
DATA
.....
.
QUIT
Since our server (Netscape Messaging Server 3.6) doesn't handle anti-relay at the SMTP level (the filters do that for us), it accepts the whole message. The filters then determine it was a relay attempt (since it showed no authentication when received), it's dropped into our tarpit for review.
I've tested the same sequence by telnetting into port 25, giving it my own auth lines (captured from my own session), issuing the RSET, then trying to relay. It gets caught, as you'd expect it to.
I've searched high and low for anyone having this issue with Outlook, but can't seem to find anything useful. I've personally checked his Outlook settings, and everything looks fine to me. Is there some option I'm missing?
Thanks!
I've done some packet captures to see exactly what's happening, and I've determined that his e-mail client (Outlook XP, version 10.4712.4219) is authenticating OK, but then it's issuing a RSET command, which causes it to lose the authentication.
Here's the general sequence when he's sending:
EHLO (machinename)
AUTH LOGIN
(auth line one)
(auth line two)
RSET
MAIL FROM:<user>
RCPT TO:<recipient>
DATA
.....
.
QUIT
Since our server (Netscape Messaging Server 3.6) doesn't handle anti-relay at the SMTP level (the filters do that for us), it accepts the whole message. The filters then determine it was a relay attempt (since it showed no authentication when received), it's dropped into our tarpit for review.
I've tested the same sequence by telnetting into port 25, giving it my own auth lines (captured from my own session), issuing the RSET, then trying to relay. It gets caught, as you'd expect it to.
I've searched high and low for anyone having this issue with Outlook, but can't seem to find anything useful. I've personally checked his Outlook settings, and everything looks fine to me. Is there some option I'm missing?
Thanks!