Solved

SMTP, CFMAIL, and CF5 - authentication?

Posted on 2004-03-31
11
518 Views
Last Modified: 2013-12-24
How can I send a message from CF5 to an IIS SMTP virtual server that requires authentication? I need to lock down relaying so I don't become a spam zombie.
0
Comment
Question by:brianlees
  • 6
  • 4
11 Comments
 
LVL 5

Expert Comment

by:Seth_Bienek
ID: 10727494
I am fairly certain that the syntax for CF5x is:

<cfmail... server="mail.myserver.org" username="myusername" password="mypassword"... >

Take Care,

Seth
0
 

Author Comment

by:brianlees
ID: 10727530
Actually, it came back with a big fat no on that...I think it is only versions higher than 5.   I get the following CF error:

Error Diagnostic Information
Just in time compilation error

An unknown attribute 'username' has been encountered at document position (23:172) to (23:179) while processing tag CFMAIL. This tag can only take the following attributes:

BCC
CC
FROM
GROUP
GROUPCASESENSITIVE
MAILERID
MAXROWS
MIMEATTACH
PORT
QUERY
SERVER
STARTROW
SUBJECT
TIMEOUT
TO
TYPE
The last successfully parsed CFML construct was a CFMAIL tag occupying document position (23:1) to (23:7).
0
 
LVL 5

Expert Comment

by:Seth_Bienek
ID: 10727572

You might be hosed.  You can try the CFMX format, but I doubt it'll work.  Couldn't hurt, though:

<cfmail... server="username:password@mail.myserver.org">

Again, I'm 99% sure this will bomb, but without having CF5 running anywhere here, I can't test it myself.

Good luck!

Seth
0
 
LVL 1

Expert Comment

by:Joker1975
ID: 10734961
Can you get the mail server to trust the IP address of your CF server?

A long shot (I've never tried it) might be cfmailparam
http://livedocs.macromedia.com/coldfusion/5.0/CFML_Reference/Tags66.htm#1101294

Syntax
<cfmail   to = "recipient"  subject = "msg_subject"  from = "sender"  ...more attibutes... >
  <cfmailparam     file = "file-name" >
  or
  <cfmailparam     name = "header-name"     value = "header-value" >
  ...
</cfmail>

so you might be able to do something like
<cfmailparam name="username" value = "#form.username#">
<cfmailparam name="password" value = "#form.password#">

I don't know if it'll work, but I thought it was worth mentioning
0
 

Author Comment

by:brianlees
ID: 10734983
The mail server is on the same box as the CF server.  It is just the standard SMTP virtual server in IIS.  Anonymous is turned off, so I need to authenticate.
0
New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

 
LVL 5

Expert Comment

by:Seth_Bienek
ID: 10735019
You can go into your SMTP settings and allow anonymous connections from 127.0.0.1, and you'll be good to go!
0
 

Author Comment

by:brianlees
ID: 10735041
...and I would have to ensure that our firewall is set up to restrict telnet on port 25 to the box?  I mean, if you telnet on port 25, aren't you now "local"?
0
 
LVL 5

Expert Comment

by:Seth_Bienek
ID: 10735076
No, it would actually require authentication, unless the remote IP was 127.0.0.1 (loopback ip).

All telnetting on port 25 does is open a direct connection to the smtp server.  You could technically send an email this way, but you would either need to authenticate or be connecting from the server itself for even this to work.

Make sense?

Seth
0
 

Author Comment

by:brianlees
ID: 10735096
So the loopback is only for "connections" originating from the machine, am I correct?
0
 
LVL 5

Accepted Solution

by:
Seth_Bienek earned 50 total points
ID: 10735111
...As a note, ANY incoming connections to port 25 on that server should be blocked anyway, since you don't use the server for sending mail from anything but itself.

So, if you have a firewall, by all means block incoming connections to that port (just for added security), and any others that you do not explicitly need.

Outgoing connections for port 25 will need to remain open though.

Seth
0
 
LVL 5

Expert Comment

by:Seth_Bienek
ID: 10735124
Yes.

127.0.0.1 is a loopback IP for pretty much any machine (all OS's that I know of).

Seth
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Htaccess - if subdomain "dev." 2 74
Forbidden errors 5 123
IIS 404 Error on website Automatic Redirect to /help 5 50
Best practices for sharing large amounts of data 9 57
This is a guide to setting up a new WHM/cPanel Server to be used for web hosting accounts. It is intended for web hosting company administrators and dedicated server owners. For under $99 per month (considering normal rate of Big Data Cetnters like …
Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now