Mauro
My feedback
1 result found
-
1 vote
Hello,
Thank you for sharing your ideas with us. I have split your ideas into multiple items.
If I’m understanding correctly, you would like an option to exclude domain mail server from the requirement for authentication credentials must match those of the email sender. Is that correct?
I also wanted to mention that Location Screening may help you to secure your server. It allows you to only allow authentication from specific areas of the world. So for example, if all of your users were in Italy, you could restrict SG to only allow SG from within Italy.
Thanks,
ArronAn error occurred while saving the comment Mauro shared this idea ·
Hi,
consider this scenario:
- Multiple domains on the same system. I cannot configure different SMTP Authentication configuration because local users became “remote” (see my ticket attached to this email)
- Needs to configure SMTP authentication to enable DKIM signing
- Exchange server who uses SG for sending email
In this scenario I need to enable SMTP Authentication and I will configure my Exchange server to authenticate with SG using a dedicates user (for example I create a domain on SG named exchange.diennea.lan with SMTP authentication configured)
If someone steal this credential OK: he could send email from external and I cannot prevent this but I can set up a very strong password to reduce this risk.
But if someone steal just the credential of some generic users he could send email impersonating someone else….
If SG could recognize SMTP Server authentication (instead users SMTP authentication) I can prevent this because I will set up the configuration who prevent user A to send email as user B.
So if a server from specific IP address will authenticate to SG it could sends email as whatever users (and email will be signed by DKIM) but an authenticated user could send email as himself.