

SMTP Authentication

Hello everyone.

I am back with some more email security!

Today I’d like to talk about SMTP Authentication.
Some people may never have heard of this concept, or may have simply ignored it because it may not seem that important.

However, in certain situations one may need to make use of SMTP Auth for email.

[Diagram: SMTP Authentication – Outgoing Emails]

As shown in the diagram above, SMTP Auth is fairly simple to use for all incoming or outgoing emails.

Essentially, a machine has to authenticate with the central mail server.

The authentication can be done in various ways.

You can normally query LDAP, Active Directory, or some other identity management system, or store the credentials on the mail server itself (not recommended).

How Does It Work?

Server A sends a request to Server B with an SMTP AUTH command.

The mail server will then establish a connection (hopefully an encrypted TLS 1.2 connection) and ask for credentials. The account/credentials need to exist on the email server or in your identity management system.
Once the credentials have been submitted and verified, the email system will then allow the email through to your internal mail server (Exchange, hMailServer, etc.).
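To make the "hopefully encrypted" part checkable, here is an added example (my own sketch, not code from any mail server) that audits a server's EHLO replies for AUTH being offered before TLS, and shows that an AUTH PLAIN token is only base64-encoded. It assumes a submission-style server that uses STARTTLS; the host name, EHLO lines and credentials are constructed samples.

```python
import base64

# Constructed sample EHLO replies (not captured from a real server).
EHLO_CLEARTEXT = [
    "250-mail.example.test Hello",
    "250-SIZE 35882577",
    "250-STARTTLS",
    "250-AUTH PLAIN LOGIN",
    "250 8BITMIME",
]
EHLO_AFTER_TLS = [
    "250-mail.example.test Hello",
    "250-AUTH PLAIN LOGIN",
    "250 8BITMIME",
]

def parse_ehlo(lines):
    """Map each advertised extension keyword to its list of parameters."""
    extensions = {}
    for line in lines[1:]:  # first line is the greeting, not an extension
        code, rest = line[:3], line[4:].strip()
        if code != "250" or not rest:
            continue
        keyword, *params = rest.split()
        extensions[keyword.upper()] = [p.upper() for p in params]
    return extensions

def audit_auth_offer(pre_tls_lines, post_tls_lines):
    """Return findings about how the server exposes SMTP AUTH."""
    pre, post = parse_ehlo(pre_tls_lines), parse_ehlo(post_tls_lines)
    findings = []
    if "STARTTLS" not in pre:
        findings.append("STARTTLS not offered: credentials cannot be protected")
    # PLAIN and LOGIN send the password itself, so they must only follow TLS.
    cleartext_mechs = {"PLAIN", "LOGIN"} & set(pre.get("AUTH", []))
    if cleartext_mechs:
        findings.append("AUTH %s offered before TLS" % "/".join(sorted(cleartext_mechs)))
    if "AUTH" not in post:
        findings.append("AUTH not offered after TLS: relay is not authenticated")
    return findings

def decode_auth_plain(b64_token):
    """Decode an AUTH PLAIN token (RFC 4616) into (authzid, user, password)."""
    authzid, user, password = base64.b64decode(b64_token).split(b"\0")
    return authzid.decode(), user.decode(), password.decode()
```

An empty findings list means AUTH is only advertised once the TLS session is up, which is the setup you want before pointing cloud machines at the relay.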

Why Do I Need It?

So why would we ever want to authenticate any type of emails?

Well, for starters you may have machines outside your network or out in the cloud.
Now you wouldn’t just want to give them full access to your email systems. In fact, some email servers allow outgoing emails to be relayed based off the IP address.

While that approach might be somewhat useful, it also means that if the IP address or server were ever compromised or spoofed, someone could potentially send outgoing emails through your mail servers. This gives an attacker a chance to spoof emails from your email system, or even send out spam and cause your company and business IP addresses to become blacklisted.

SMTP Auth was created to stop spammers from gaining relay access and impersonating users from an organization. Imagine if you could send out emails from a Microsoft server as [email protected]. We can all say Bill would not be a happy camper! Eh, Bill?

There is an incentive to make use of SMTP Auth for email servers that you own or trust. However, this won’t be the case for most email servers and emails that users receive. We receive and send emails on a daily basis and cannot assume all email servers can be trusted. But SMTP Auth is a great way to secure emails when you trust specific email servers.

Will I Be Secure With SMTP Auth Enabled?

Also remember that SMTP Auth does not guarantee authenticity. If your credentials are compromised and the IP address is spoofed, it is possible for someone to compromise your email server and anything else that account has access to. Think of SMTP Auth as a layer of security, but don’t rely on it alone to protect you.

Well, that’s all for this blog, as I wanted to keep it simple and short.

Try SMTP Auth out and see for yourself, and if you run into any issues feel free to leave a comment.


