How to Implement Authentication

How to Implement Authentication

Post by Sam » Sun, 25 Apr 2004 02:23:23


Please help...

I have just follow the instructions in the "Microsoft
Knowledge Base Article - 319356" regarding 'How to
Implement Authentication' to enable the 'Basic
authentication'.

But this causes an error "454 5.7.3 Client does not have
permission to Send As this sender" and SMTP server rejects
the incoming Email "if" the sender name (of the envelope
or header of the Email) is not a valid username (in the
Email server) even after the "Authentication successful" -
the sending party (another SMTP) is 'correctly' sending
the Authentication with a valid username and password.

This makes only people who have user accounts in this
Exchange 2000 can send Emails each other. (No problem for
internal users with the Basic authentication.)

Is this how the 'Basic authentication' is supposed to work?
If not, what I need to do to accept outside Emails (even
if sender names are unknown to my Email server) from other
servers as long as they can connect with the valid Basic
authentication protocol???
 
 
 

How to Implement Authentication

Post by darin » Mon, 17 Jan 2005 06:16:12

Hello Sam,
Authentication is only to be used if you know who will be sending you
Internet mail. For instance if your ISP is acting as an inbound relay for
SMTP mail you could set up authentication so that you would feel safe in
that you are only receiving e-mail that comes from them. However
authentication is not a good idea if SMTP hosts from around the world will
be correcting directly to you as they will always be connecting
anonymously.

Darin Roulston
Microsoft
--
Get Secure! - www.microsoft.com/security
--
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
==========================================================

--------------------
Content-Class: urn:content-classes:message
From: "Sam" < XXXX@XXXXX.COM >
Sender: "Sam" < XXXX@XXXXX.COM >
Subject: How to Implement Authentication
Date: Fri, 23 Apr 2004 10:23:23 -0700
Lines: 25
Message-ID: <36ef01c42957$ae279620$ XXXX@XXXXX.COM >
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Thread-Index: AcQpV64nGq7oJxRQRc+fJwtwuUi1fg==
Newsgroups: microsoft.public.exchange2000.transport
Path: cpmsftngxa10.phx.gbl
Xref: cpmsftngxa10.phx.gbl microsoft.public.exchange2000.transport:6124
NNTP-Posting-Host: tk2msftngxa09.phx.gbl 10.40.1.161
X-Tomcat-NG: microsoft.public.exchange2000.transport

Please help...

I have just follow the instructions in the "Microsoft
Knowledge Base Article - 319356" regarding 'How to
Implement Authentication' to enable the 'Basic
authentication'.

But this causes an error "454 5.7.3 Client does not have
permission to Send As this sender" and SMTP server rejects
the incoming Email "if" the sender name (of the envelope
or header of the Email) is not a valid username (in the
Email server) even after the "Authentication successful" -
the sending party (another SMTP) is 'correctly' sending
the Authentication with a valid username and password.

This makes only people who have user accounts in this
Exchange 2000 can send Emails each other. (No problem for
internal users with the Basic authentication.)

Is this how the 'Basic authentication' is supposed to work?
If not, what I need to do to accept outside Emails (even
if sender names are unknown to my Email server) from other
servers as long as they can connect with the valid Basic
authentication protocol???


{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fprq2\fcharset0 MS Sans Serif;}}
\viewkind4\uc1\pard\f0\fs20 Hello Sam,
\par Authentication is only to be used if you know who will be sending you Internet mail. For instance if your ISP is acting as an inbound relay for SMTP mail you could set up authentication so that you would feel safe in that you are only receiving e-mail that comes from them. However authentication is not a good idea if SMTP hosts from around the world will be correcting directly to you as they will always be connecting anonymously.
\par
\par Darin Roulston
\par Microsoft
\par --
\par Get Secure! - www.microsoft.com/security
\par --
\par When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue.
\par --
\par
 
 
 

How to Implement Authentication

Post by darin » Mon, 17 Jan 2005 06:16:57

Hello Sam,
Authentication is only to be used if you know who will be sending you
Internet mail. For instance if your ISP is acting as an inbound relay for
SMTP mail you could set up authentication so that you would feel safe in
that you are only receiving e-mail that comes from them. However
authentication is not a good idea if SMTP hosts from around the world will
be correcting directly to you as they will always be connecting
anonymously.
Darin Roulston
Microsoft
--
Get Secure! - www.microsoft.com/security
--
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
==========================================================

--------------------
Content-Class: urn:content-classes:message
From: "Sam" < XXXX@XXXXX.COM >
Sender: "Sam" < XXXX@XXXXX.COM >
Subject: How to Implement Authentication
Date: Fri, 23 Apr 2004 10:23:23 -0700
Lines: 25
Message-ID: <36ef01c42957$ae279620$ XXXX@XXXXX.COM >
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Thread-Index: AcQpV64nGq7oJxRQRc+fJwtwuUi1fg==
Newsgroups: microsoft.public.exchange2000.transport
Path: cpmsftngxa10.phx.gbl
Xref: cpmsftngxa10.phx.gbl microsoft.public.exchange2000.transport:6124
NNTP-Posting-Host: tk2msftngxa09.phx.gbl 10.40.1.161
X-Tomcat-NG: microsoft.public.exchange2000.transport

Please help...

I have just follow the instructions in the "Microsoft
Knowledge Base Article - 319356" regarding 'How to
Implement Authentication' to enable the 'Basic
authentication'.

But this causes an error "454 5.7.3 Client does not have
permission to Send As this sender" and SMTP server rejects
the incoming Email "if" the sender name (of the envelope
or header of the Email) is not a valid username (in the
Email server) even after the "Authentication successful" -
the sending party (another SMTP) is 'correctly' sending
the Authentication with a valid username and password.

This makes only people who have user accounts in this
Exchange 2000 can send Emails each other. (No problem for
internal users with the Basic authentication.)

Is this how the 'Basic authentication' is supposed to work?
If not, what I need to do to accept outside Emails (even
if sender names are unknown to my Email server) from other
servers as long as they can connect with the valid Basic
authentication protocol???


{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fprq2\fcharset0 MS Sans Serif;}}
\viewkind4\uc1\pard\f0\fs20 Hello Sam,
\par Authentication is only to be used if you know who will be sending you Internet mail. For instance if your ISP is acting as an inbound relay for SMTP mail you could set up authentication so that you would feel safe in that you are only receiving e-mail that comes from them. However authentication is not a good idea if SMTP hosts from around the world will be correcting directly to you as they will always be connecting anonymously.
\par Darin Roulston
\par Microsoft
\par --
\par Get Secure! - www.microsoft.com/security
\par --
\par When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue.
\par --
\par This post