[ngw] 2012 GWIA and SSL/TLS

Joe Acquisto-j4 joea at j4computers.com
Tue Jan 18 15:56:26 UTC 2022


. . .
> I put that aside for the moment and am now pointing it to an postfix 
> instance on another server I
> had setup for incoming spam filtering.  With a bit of trial and error, 
> especially generating CA and
> certs with openssl, it is happily conversing and sending mail  to ISP.  And 
> they only blocked me
> once for a short time after a couple of botched attempts due to using SWAK 
> for testing.  Live and
> learn.   
> 
> Probably will still pursue the GWIA though as the do talk over the wire, 
> even though it is in house.
> 
> joe a.
> 
> 

There remains one issue of certain emails seeming to require authentication when submitted to GWIA from the sending service.   I am having some trouble isolating it to an issue with GWIA configuration or the sending system configuration.   These emails come in with the "to" address having been rewritten to a user created a while back specifically to receive emails.

I can see that authentication is attempted and fails between GWIA and the sending unit.

0:22:32 B42F DMN: MSG 407021 Accepted connection: [aaa.bbb.ccc.222] ()
10:22:32 B488 DMN: MSG 407022 Accepted connection: [aaa.bbb.ccc.222] ()
10:22:32 B488 DMN: MSG 407022 SMTP upgraded to a secure connection.
10:22:32 B42F DMN: MSG 407021 SMTP upgraded to a secure connection.
10:22:32 B488  Successful login with client/server access: aaa.bbb.ccc.230:1677
10:22:32 B488 DMN: MSG 407022 Inbound AUTH failure (D019)
10:22:32 B42F  Successful login with client/server access: aaa.bbb.ccc.230:1677
10:22:32 B42F DMN: MSG 407021 Inbound AUTH failure (D019)
10:22:32 B42F DMN: MSG 407021 SMTP session ended: [aaa.bbb.ccc.222] ()
10:22:32 B488 DMN: MSG 407022 SMTP session ended: [aaa.bbb.ccc.222] ()

I am leaning toward this being an issue with the configuration of the sending system, (or, horrors, a bug) as, in a slightly different configuration, authentication is not requested.   

In any event I am looking for a way to disable authentication, internet facing, incoming.  Under "Security Setting", "Verify sender's identity" is  "Not active". So it is a bit puzzling why GWIA appears to be attempting to authenticate at all.

joe a





More information about the ngw mailing list