Problem connecting to backend exchange server with TLS and Authentication

67 views
Skip to first unread message

Lauren Kelly-Washington

unread,
Apr 27, 2015, 3:03:41 PM4/27/15
to mir...@googlegroups.com
What is the best approach to using Mireka to connect to a backend exchange 2010 server that requires TLS with certificate and username/password authentication?

Should I use the Mireka SmartHost feature or configure the Authentication user in the global-users.js file, or take another approach?


Thanks, Lauren

HONTVÁRI Levente

unread,
Apr 27, 2015, 3:29:19 PM4/27/15
to mir...@googlegroups.com
Yes, the smarthost feature would be the solution, because that can authenticate in his own name (in contrast to the proxy mode). But it is still not good enough, because it cannot do TLS. TLS is implemented for incoming SMTP and POP3 connections, but not for outgoing SMTP.
--

---
You received this message because you are subscribed to the Google Groups "Mireka mail server and SMTP proxy" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mireka+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Lauren Kelly-Washington

unread,
Apr 27, 2015, 5:43:53 PM4/27/15
to mir...@googlegroups.com
Thanks for quick reply. Do you think it would be possible to add a custom filter that would tell Mireka to use a certificate trust store and to enable outgoing TLS?

HONTVÁRI Levente

unread,
Apr 28, 2015, 2:50:25 AM4/28/15
to mir...@googlegroups.com
The SmartClient class of the SubEthaSMTP library is responsible for the lowest level of client-to-server communication. I would update that to add TLS support. It was surpisingly easy when I did it on POP3. The TLS connection class in the JRE can wrap an already existing TCP connection and start a TLS negotiation with the other side. The TLS configuration could be stored in the BackendServer class.

I would not bother with adding a filter, because this is basic server functionality.

Lauren Kelly-Washington

unread,
Apr 29, 2015, 12:39:53 PM4/29/15
to mir...@googlegroups.com
That sounds like a good approach. I will let you know if I am able to get something working.

I was also wondering, is there another way to do authentication to backend server besides using the smarthost feature. I would like Mireka to have the features like relaying.


Thanks again, Lauren

HONTVÁRI Levente

unread,
Apr 29, 2015, 1:37:59 PM4/29/15
to mir...@googlegroups.com


On 2015-04-29 18:39, Lauren Kelly-Washington wrote:
That sounds like a good approach. I will let you know if I am able to get something working.

Great!



I was also wondering, is there another way to do authentication to backend server besides using the smarthost feature. I would like Mireka to have the features like relaying.


If you do not have to use a smarthost then Mireka can relay the mail directly to the SMTP server of the target domain. There is no need for authentication.
Reply all
Reply to author
Forward
0 new messages