SMTP Relay auth not working

I think, there is the wrong expectation about this feature. 

Authenticated Relay expect an "live user" in the Live user tab and does not offer a SMTP transmission auth. 

So where is the SMTP transmission auth gone ? There are nothing like Email proxy looking like UTM email proxy and be so different at the end.

Like mentioned before. XG needs an "Live User". 

SMTP Transmission auth is something else. 

https://en.wikipedia.org/wiki/SMTP_Authentication

This is not implemented in the MTA of XG. 

(And to be honest, i did not like this option on UTM either - Most of the time, it could block your users on AD). 

For which reason do you need a Authentication relay? 

I quite understand you. I have never had problem with auth relay on UTM but I do not use AD.

All the SMTP traffic works well except for my clients outside sending emails from the WAN and trying to authenticate. I am sorry to not understand fully your concept of live user although it seems attractive. How to make them live users ?

So basically a live user is a user which is authenticated against XG.

STAS, SATC, SSO Client, NTLM, Captive Portal can authenticate against XG in LAN.

And nearly all VPN Clients authenticate against XG as well. 

Would recommend to use SSL VPN or IPsec VPN Remote access for your users and use the SMTP Relay authentication in this one. 

Works fine for me. 

So basically a live user is a user which is authenticated against XG.

STAS, SATC, SSO Client, NTLM, Captive Portal can authenticate against XG in LAN.

And nearly all VPN Clients authenticate against XG as well. 

Would recommend to use SSL VPN or IPsec VPN Remote access for your users and use the SMTP Relay authentication in this one. 

Works fine for me. 

I have a lot of small clients in many companies, it seems to me like a lot of work to install VPN SSL and reconfigure every account of emails to pass through the VPN... In practice I would prefer something more simple.

Can i ask, for which purpose they should send mails through your gateway? But to be honest, i think, this is not possible in XG like on UTM. 

Those people have email accounts behind the XG.

I have so two choices : either they are on VPN or unauthentified. 

I work as a MSP and I have clients I do not even see for whom I offer email account, so you can understand how this is difficult for me to add VPN SSL (although this is easy) for everyone.

Or start to deploy some kind of active sync (Office365 / Exchange). 

Seems like your needs would fit in active sync: https://en.wikipedia.org/wiki/ActiveSync

Well I know I am not easy but no windows over here... Only Linux and mainly Mac...

I don't like using SMTP authentication on UTM or XG to allow folks to send email.  Is there a reason they can't send email from the mail server you have behind the XG?

Cheers - Bob

Hello Bob,

Except they are many in different geographical zones. What is the best method for you to authenticate nomad people thinking that I have not or little access to their computers or iOS devices ?

Thanks

BAlfson said:

I don't like using SMTP authentication on UTM or XG to allow folks to send email.  Is there a reason they can't send email from the mail server you have behind the XG?

Cheers - Bob

 

When they send emails, the email client say it is not possible to send email because their credentials is not good. From SG to XG it is suddenly not working and though it is configured the same. I understood from Luca this is not working in XG. I understood also that even two years after being released XG is still a field to fallow. I heard also the MTA is going to change in 17.5 will be based on Exim which has proved its value those last decades and will bring back some options from the SG to the XG. 

I agree about VPN and I try to build any new client on VPN but the older one this is complicated to install. SMTP auth was the easiest for nomades users.