ConfigServer Community Forum

Hi all,

I enabled SMTPAUTH_RESTRICT and followed the instructions as per the readme. All was working fine, and the amount of SMTP brute force attacks went to zero, and the countries I specified could relay. But then clients phoned and said they cannot email via webmail. I tested and it gives me the error:
Message not sent.
Bad sequence of commands
Server replied: 503 AUTH command used when not advertised

Is there anyway to get this working, because it is a great feature.

Regards,

Dieter

Try listing the servers own IP addresses in /etc/csf/csf.smtpauth (if using NAT add the internal and external ones). Then restart csf and try again, let us know how it goes.

Just tried it, still giving the same error.

I would try the following:

1. Check the error when sending in /var/log/exim_mainlog and note the actual IP address that is failing to ensure it is one you whitelisted

2. Check the file in /etc/exim.smtpauth that the IP also appears in there (this is the file csf generates from /etc/csf/csf.smtpauth)

3. Check /etc/exim.conf.local and ensure that the line:
Appears in the @CONFIG@ section.

4. Check permissions on /etc/exim.smtpauth and ensure they are 644:

Hi,

I checked all you listed. Same error on 2 different servers.

On your Nr. 1, it not an return message that the person gets, but a page error at the top of squirrelmail. So all I get in the exim_mainlog is :
2014-06-05 14:14:16 SMTP connection from [::1]:43096 (TCP/IP connection count = 6)
2014-06-05 14:14:16 SMTP connection from (http://www.redacted.com) [::1]:43096 lost

Has anybody else tried this yet?

When I look at the log when sending via webmail, there is no host IP, but it authenticates, so I think that would be the problem:
2014-06-05 15:05:16 1WsXM4-0006TY-JI <= test@xyz.com H=(http://www.xyz.com) [::1]:50615 P=esmtpa A=dovecot_login:test@xyz.com S=753 id=1a66167ab980730eb88bdc7434ab2ff9.squirrel@www.xyz.com T="" for dieter@yyy.com

Is there anyway to get the host passed not as the domain but as the IP when using webmail on the server?

The [::1] is actually an IPv6 address - it's the equivalent to the 127.0.0.1 IPv4 address. You could try simply disabling IPv6 in exim by adding the following line using the same method you used to add the other line to the exim configuration: It should then use IPv4 to send the webmail.

Working!! Thank you very much.

Hi,
I have a related issue about IPv6 and SMTPAUTH_RESTRICT

When I try to add IPv6 addresses to /etc/csf/csf.smtpauth and reloading csf (csf -r) its regenerates the /etc/exim.smtpauth file but, it has a problem.

Exim's iplsearch function is working well with IPv4 addresses, but it's needs IPv6 addresses in a qoute. CSF generates these without quote. :-(

snippet from exim org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html

1.2.3.4: data for 1.2.3.4
192.168.0.0/16: data for 192.168.0.0/16
"abcd::cdab": data for abcd::cdab
"abcd:/32" data for abcd:/32

Thank you for reporting that. We'll have a fix for it in the next release.