SMTP AUTH required for non-berkeley.edu addressees [was Re: Expect 'name and password' errors on CalMail/UCLink starting today]

From: Aron Roberts <aron_at_socrates.berkeley.edu>
Date: Tue Mar 01 2005 - 11:07:04 PST

In the message "Re: [Micronet] Expect 'name and password' errors on
CalMail", dated 2005-03-01, nancy lin wrote:

>A quick question for you. when you say:
>
>Authentication (SMTP AUTH) when sending mail to non-CalMail addresses will
>also be required.
>
>Do you mean that a @berkeley.edu user will always need to be authenticated
>when sending email to non @berkeley.edu address?? Even other addresses
>w/in UCB?

   Thank you for asking about this, Nancy. You're correct. My error:
this should have stated:

>Authentication (SMTP AUTH) when sending mail to non-berkeley.edu
>[not "non-CalMail"] addresses will also be required.

   Nonetheless, as this is typically an either/or choice in desktop
email programs, *all* users should have SMTP AUTH authentication
enabled in their programs in order to avoid relaying errors when
sending mail.

   Detailed information about this requirement is provided below,
courtesy of my colleague Anthony Roybal, and CalMail sysadmin Paul
Fisher.

Aron Roberts
Workstation Software Support Group 

--
Beginning March 1, 2005, relaying email through the CalMail system will
require secure authentication. The authentication method to be
used is SMTP AUTH (authentication) with PLAIN and LOGIN mechanisms
secured via an SSL/TLS connection. "POP or IMAP before send" will no 
longer be supported as an authentication method for outgoing mail.
Additionally, CalMail will support port 587 (RFC 2476), the mail 
submission port for outgoing mail.
Authentication is not required for local delivery: mail addressed
to .berkeley.edu, CalMail and CalMail hosted departmental domains.
However all users should turn on SMTP AUTH with SSL/TLS in their
email client.
The configuration options are:
- Set outgoing mail server to calmail.berkeley.edu using port 587, 
AUTH, and STARTTLS
- Set outgoing mail server to calmail.berkeley.edu using port 25, 
AUTH, and STARTTLS (Using the required, not optional setting for 
STARTTLS)
- Set outgoing mail server to calmail.berkeley.edu using port 465, 
AUTH, and SSL/TLS (In some clients this is called "Alternate port 
SSL" for SMTP)
...
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about MAGNet, its meetings and events, and its
mailing list, including information on subscribing and unsubscribing,
see the MAGNet Web site at <http://magnet.berkeley.edu/>.
Received on Tue Mar 1 11:10:51 2005

This archive was generated by hypermail 2.1.8 : Tue Mar 01 2005 - 11:10:51 PST