SMTP, CFMAIL, and CF5 - authentication?

How can I send a message from CF5 to an IIS SMTP virtual server that requires authentication? I need to lock down relaying so I don't become a spam zombie.
brianleesAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth_BienekCommented:
I am fairly certain that the syntax for CF5x is:

<cfmail... server="mail.myserver.org" username="myusername" password="mypassword"... >

Take Care,

Seth
0
brianleesAuthor Commented:
Actually, it came back with a big fat no on that...I think it is only versions higher than 5.   I get the following CF error:

Error Diagnostic Information
Just in time compilation error

An unknown attribute 'username' has been encountered at document position (23:172) to (23:179) while processing tag CFMAIL. This tag can only take the following attributes:

BCC
CC
FROM
GROUP
GROUPCASESENSITIVE
MAILERID
MAXROWS
MIMEATTACH
PORT
QUERY
SERVER
STARTROW
SUBJECT
TIMEOUT
TO
TYPE
The last successfully parsed CFML construct was a CFMAIL tag occupying document position (23:1) to (23:7).
0
Seth_BienekCommented:

You might be hosed.  You can try the CFMX format, but I doubt it'll work.  Couldn't hurt, though:

<cfmail... server="username:password@mail.myserver.org">

Again, I'm 99% sure this will bomb, but without having CF5 running anywhere here, I can't test it myself.

Good luck!

Seth
0
The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

Joker1975Commented:
Can you get the mail server to trust the IP address of your CF server?

A long shot (I've never tried it) might be cfmailparam
http://livedocs.macromedia.com/coldfusion/5.0/CFML_Reference/Tags66.htm#1101294

Syntax
<cfmail   to = "recipient"  subject = "msg_subject"  from = "sender"  ...more attibutes... >
  <cfmailparam     file = "file-name" >
  or
  <cfmailparam     name = "header-name"     value = "header-value" >
  ...
</cfmail>

so you might be able to do something like
<cfmailparam name="username" value = "#form.username#">
<cfmailparam name="password" value = "#form.password#">

I don't know if it'll work, but I thought it was worth mentioning
0
brianleesAuthor Commented:
The mail server is on the same box as the CF server.  It is just the standard SMTP virtual server in IIS.  Anonymous is turned off, so I need to authenticate.
0
Seth_BienekCommented:
You can go into your SMTP settings and allow anonymous connections from 127.0.0.1, and you'll be good to go!
0
brianleesAuthor Commented:
...and I would have to ensure that our firewall is set up to restrict telnet on port 25 to the box?  I mean, if you telnet on port 25, aren't you now "local"?
0
Seth_BienekCommented:
No, it would actually require authentication, unless the remote IP was 127.0.0.1 (loopback ip).

All telnetting on port 25 does is open a direct connection to the smtp server.  You could technically send an email this way, but you would either need to authenticate or be connecting from the server itself for even this to work.

Make sense?

Seth
0
brianleesAuthor Commented:
So the loopback is only for "connections" originating from the machine, am I correct?
0
Seth_BienekCommented:
...As a note, ANY incoming connections to port 25 on that server should be blocked anyway, since you don't use the server for sending mail from anything but itself.

So, if you have a firewall, by all means block incoming connections to that port (just for added security), and any others that you do not explicitly need.

Outgoing connections for port 25 will need to remain open though.

Seth
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Seth_BienekCommented:
Yes.

127.0.0.1 is a loopback IP for pretty much any machine (all OS's that I know of).

Seth
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Servers

From novice to tech pro — start learning today.