Archivi tag: smtp authentication

Smarthost authentication con exim4

In questo post ho discusso i meccanismi che regolano il funzionamento delle blacklist sull’SMTP out.virgilio.it

Ora vedremo come abilitare l’autentica per lo smarthost (ovvero l’MTA) utilizzato da exim4.

exim4.png

La procedura è quasi banale, basta modificare il contenuto del file passwd.client presente nella directory /etc/exim4, inserendo una stringa così formata:

smarthost:username@dominio:password

Ad esempio, se il nostro exim4 utilizza come smarthost out.virgilio.it, dovremo editare il file citato in precedenza, aggiungendo la seguente entry:

out.virgilio.it:vostroindirizzo@virgilio.it:vostrapassword

Per verificare la correttezza di tale procedura ho effettuato uno sniffing dei pacchetti da e verso lo smarthost. Ecco i dump (parziali):

Senza autentica

No.     Time        Source                Destination           Protocol Info
      1 0.000000    172.16.*.*            212.48.20.24          TCP      58336 > smtp [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=164278477 TSER=0 WS=6

No.     Time        Source                Destination           Protocol Info
      2 0.049538    212.48.20.24          172.16.*.*            TCP      smtp > 58336 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=262597959 TSER=164278477 WS=7

No.     Time        Source                Destination           Protocol Info
      3 0.049655    172.16.*.*            212.48.20.24          TCP      58336 > smtp [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=164278490 TSER=262597959

No.     Time        Source                Destination           Protocol Info
      4 0.097831    212.48.20.24          172.16.*.*            SMTP     S: 220 fep-mail-smtpout-l2c.virgilio.net ESMTP Service ready

No.     Time        Source                Destination           Protocol Info
      5 0.097934    172.16.*.*            212.48.20.24          TCP      58336 > smtp [ACK] Seq=1 Ack=60 Win=5888 Len=0 TSV=164278502 TSER=262598009

No.     Time        Source                Destination           Protocol Info
      6 0.098125    172.16.*.*            212.48.20.24          SMTP     C: EHLO nightbox

No.     Time        Source                Destination           Protocol Info
      7 0.145662    212.48.20.24          172.16.*.*            TCP      smtp > 58336 [ACK] Seq=60 Ack=16 Win=5888 Len=0 TSV=262598057 TSER=164278502

No.     Time        Source                Destination           Protocol Info
      8 0.146254    212.48.20.24          172.16.*.*            SMTP     S: 250-fep-mail-smtpout-l2c.virgilio.net | 250-DSN | 250-8BITMIME | 250-PIPELINING | 250-HELP | 250-AUTH=LOGIN | 250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN | 250-DELIVERBY 300 | 250 SIZE 31457280

No.     Time        Source                Destination           Protocol Info
      9 0.164391    172.16.*.*            212.48.20.24          SMTP     C: MAIL FROM:<nightfly@nightfly.*.*> SIZE=1405 | RCPT TO:<nazareno.latella@*.*> | DATA

No.     Time        Source                Destination           Protocol Info
     10 0.211331    212.48.20.24          172.16.*.*            SMTP     S: 250 MAIL FROM:<nightfly@nightfly.*.*> OK

No.     Time        Source                Destination           Protocol Info
     11 0.211789    212.48.20.24          172.16.*.*            SMTP     S: 250 RCPT TO:<nazareno.latella@*.*> OK

No.     Time        Source                Destination           Protocol Info
     12 0.212137    172.16.*.*            212.48.20.24          TCP      58336 > smtp [ACK] Seq=112 Ack=338 Win=6912 Len=0 TSV=164278531 TSER=262598123

No.     Time        Source                Destination           Protocol Info
     13 0.436690    212.48.20.24          172.16.*.*            SMTP     S: 354 Start mail input; end with <CRLF>.<CRLF>

No.     Time        Source                Destination           Protocol Info
     14 0.437121    172.16.*.*            212.48.20.24          IMF      subject: prova, from: * <*@nightfly.*.*>rn,

No.     Time        Source                Destination           Protocol Info
     15 0.511319    212.48.20.24          172.16.*.*            SMTP     S: 250 <4EC124BD001803F0> Mail accepted

No.     Time        Source                Destination           Protocol Info
     16 0.548011    172.16.*.*            212.48.20.24          TCP      58336 > smtp [ACK] Seq=497 Ack=422 Win=6912 Len=0 TSV=164278615 TSER=262598423

No.     Time        Source                Destination           Protocol Info
     17 0.582529    172.16.*.*            212.48.20.24          SMTP     C: QUIT

No.     Time        Source                Destination           Protocol Info
     18 0.582574    172.16.*.*            212.48.20.24          TCP      58336 > smtp [FIN, ACK] Seq=503 Ack=422 Win=6912 Len=0 TSV=164278623 TSER=262598423

No.     Time        Source                Destination           Protocol Info
     19 0.629901    212.48.20.24          172.16.*.*            SMTP     S: 221 fep-mail-smtpout-l2c.virgilio.net QUIT

No.     Time        Source                Destination           Protocol Info
     20 0.630006    172.16.*.*            212.48.20.24          TCP      58336 > smtp [RST] Seq=503 Win=0 Len=0

No.     Time        Source                Destination           Protocol Info
     21 0.630223    212.48.20.24          172.16.*.*            TCP      smtp > 58336 [ACK] Seq=466 Ack=504 Win=5114624 Len=0

No.     Time        Source                Destination           Protocol Info
     22 0.630240    172.16.*.*            212.48.20.24          TCP      58336 > smtp [RST] Seq=504 Win=0 Len=0


Con autentica

No.     Time        Source                Destination           Protocol Info
      1 0.000000    172.16.*.*            212.48.20.24          TCP      58305 > smtp [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=164205424 TSER=0 WS=6

No.     Time        Source                Destination           Protocol Info
      2 0.050120    212.48.20.24          172.16.*.*            TCP      smtp > 58305 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=262305745 TSER=164205424 WS=7

No.     Time        Source                Destination           Protocol Info
      3 0.050177    172.16.*.*            212.48.20.24          TCP      58305 > smtp [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=164205437 TSER=262305745

No.     Time        Source                Destination           Protocol Info
      4 0.115507    212.48.20.24          172.16.*.*            SMTP     S: 220 fep-mail-smtpout-l2c.virgilio.net ESMTP Service ready

No.     Time        Source                Destination           Protocol Info
      5 0.115532    172.16.*.*            212.48.20.24          TCP      58305 > smtp [ACK] Seq=1 Ack=60 Win=5888 Len=0 TSV=164205453 TSER=262305811

No.     Time        Source                Destination           Protocol Info
      6 0.115639    172.16.*.*            212.48.20.24          SMTP     C: EHLO nightbox

No.     Time        Source                Destination           Protocol Info
      7 0.162612    212.48.20.24          172.16.*.*            TCP      smtp > 58305 [ACK] Seq=60 Ack=16 Win=5888 Len=0 TSV=262305858 TSER=164205453

No.     Time        Source                Destination           Protocol Info
      8 0.163306    212.48.20.24          172.16.*.*            SMTP     S: 250-fep-mail-smtpout-l2c.virgilio.net | 250-DSN | 250-8BITMIME | 250-PIPELINING | 250-HELP | 250-AUTH=LOGIN | 250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN | 250-DELIVERBY 300 | 250 SIZE 31457280

No.     Time        Source                Destination           Protocol Info
      9 0.163651    172.16.*.*            212.48.20.24          SMTP     C: AUTH CRAM-MD5

No.     Time        Source                Destination           Protocol Info
     10 0.217604    212.48.20.24          172.16.*.*            SMTP     S: 334
(digest username)

No.     Time        Source                Destination           Protocol Info
     11 0.217920    172.16.*.*            212.48.20.24          SMTP     C:
(digest password)

No.     Time        Source                Destination           Protocol Info
     12 0.303846    212.48.20.24          172.16.*.*            TCP      smtp > 58305 [ACK] Seq=338 Ack=117 Win=5888 Len=0 TSV=262306000 TSER=164205479

No.     Time        Source                Destination           Protocol Info
     13 0.345052    212.48.20.24          172.16.*.*            SMTP     S: 235 CRAM-MD5 authentication successful

No.     Time        Source                Destination           Protocol Info
     14 0.363227    172.16.*.*            212.48.20.24          SMTP     C: MAIL FROM:<nightfly@nightfly.*.*> SIZE=1405 AUTH=nightfly@nightfly.*.* | RCPT TO:<nazareno.latella@*.*> | DATA

No.     Time        Source                Destination           Protocol Info
     15 0.410026    212.48.20.24          172.16.*.*            TCP      smtp > 58305 [ACK] Seq=378 Ack=247 Win=6912 Len=0 TSV=262306106 TSER=164205515

No.     Time        Source                Destination           Protocol Info
     16 0.410494    212.48.20.24          172.16.*.*            SMTP     S: 250 MAIL FROM:<nightfly@nightfly.*.*> OK

No.     Time        Source                Destination           Protocol Info
     17 0.410923    212.48.20.24          172.16.*.*            SMTP     S: 250 RCPT TO:<nazareno.latella@*.*> OK

No.     Time        Source                Destination           Protocol Info
     18 0.410978    172.16.*.*            212.48.20.24          TCP      58305 > smtp [ACK] Seq=247 Ack=472 Win=6912 Len=0 TSV=164205527 TSER=262306106

No.     Time        Source                Destination           Protocol Info
     19 0.532271    212.48.20.24          172.16.*.*            SMTP     S: 354 Start mail input; end with <CRLF>.<CRLF>

No.     Time        Source                Destination           Protocol Info
     20 0.532658    172.16.*.*            212.48.20.24          IMF      subject: prova, from: * <*@nightfly.*.*>rn,

No.     Time        Source                Destination           Protocol Info
     21 0.630124    212.48.20.24          172.16.*.*            SMTP     S: 250 <4EC124BD0017FEC2> Mail accepted

No.     Time        Source                Destination           Protocol Info
     22 0.668193    172.16.*.*            212.48.20.24          TCP      58305 > smtp [ACK] Seq=632 Ack=556 Win=6912 Len=0 TSV=164205592 TSER=262306326

No.     Time        Source                Destination           Protocol Info
     23 0.697248    172.16.*.*            212.48.20.24          SMTP     C: QUIT

No.     Time        Source                Destination           Protocol Info
     24 0.697297    172.16.*.*            212.48.20.24          TCP      58305 > smtp [FIN, ACK] Seq=638 Ack=556 Win=6912 Len=0 TSV=164205599 TSER=262306326

No.     Time        Source                Destination           Protocol Info
     25 0.743766    212.48.20.24          172.16.*.*            SMTP     S: 221 fep-mail-smtpout-l2c.virgilio.net QUIT

No.     Time        Source                Destination           Protocol Info
     26 0.743892    172.16.*.*            212.48.20.24          TCP      58305 > smtp [RST] Seq=638 Win=0 Len=0

No.     Time        Source                Destination           Protocol Info
     27 0.744116    212.48.20.24          172.16.*.*            TCP      smtp > 58305 [ACK] Seq=600 Ack=639 Win=5081856 Len=0

No.     Time        Source                Destination           Protocol Info
     28 0.744152    172.16.*.*            212.48.20.24          TCP      58305 > smtp [RST] Seq=639 Win=0 Len=0

Come potete notare, il metodo di autenticazione di default utilizzato dall’SMTP è CRAM-MD5.

Infine, riavviamo exim4 mediante il comando:

nightfly@nightbox:/etc/exim4$ sudo service exim4 restart

ed abbiamo finito.

A presto.