Security Risk involved in disabling SMTP authentication on POP3 Server

mcafee pop3 smtp smtp-auth

I provide IT Services to a client who, for the longest time in the world, has been using a POP3 server from Network Solutions to handle their email.

At this time, I'm introducing the McAfee SaaS email protection to give their email some type of security and filtering.

Well, turns out Network Solutions' POP3 services don't play well with McAfee.

Essentially, in McAfee, I provide the SMTP address, port # and test the connection. That works. I change the MX records to what McAfee wants. That works fine.

My issue is SMTP authentication. Network Solutions requires this. However, McAfee doesn't provide anything to pass on authentication (when I send an email to my client, it goes from me, to McAfee filter system, and McAfee hands off the email to Network Solutions). When McAfee is handing off the email, Network Solutions rejects it because there is no authentication taking place – and my email is rejected and sent back to me.

After much discussion with McAfee and Network Solutions, our only available solution is to disable authentication. This was AFTER I had two whole domains whitelisted to bypass authentication.

Before turning off SMTP authentication, I'm curious what the security risks are. If a computer were to become compromised, couldn't a hacker/spammer take control of that computer and possibly send thousands of emails at their will? (because w/SMTP authentication off, the computer – or more like the users' Outlook outgoing server options – no authentication is needed).

I'm concerned about the security risks. Network Solutions said they would turn it off, but cautioned me not to. Just curious what others would say about this….

Thanks for conversation…

Best Answer

To be pedantic, one doesn't enable or disable SMTP authentication on a POP3 server. They are completely separate services (though one really irritating configuration, POP-before-SMTP, uses one to authenticate for the other). It doesn't sound like you're talking about POP3 much; no authentication on POP3 would be allowing anyone and everyone to claim any user's emails, like leaving every mailbox unlocked. No SMTP authentication is allowing anyone and everyone to deposit mail with whatever return address for delivery.

What you should do is configure your SMTP servers to accept emails only from your McAfee-running systems that are filtering outgoing mail. Then, set up SMTP authentication on the McAfee filtering servers. This is a little weaker because someone could pretend to be the McAfee servers and send spam as you; you'll have to secure against that (e.g. network level authentication or something).

If you can't set up SMTP authentication on your McAfee filtering servers because they are really bad at life and don't support it, set up an additional set of mail servers which do, configure McAfee's software to only accept mails from them, and enable authentication on them.
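The difference between turning authentication off for everyone and accepting unauthenticated mail only from the filter's addresses, as an added example that is not part of the original question or answer. The policy names, the `Session` record and the address ranges are assumptions made for illustration; the ranges are documentation placeholders, not McAfee's or Network Solutions' real addresses.

```python
import ipaddress
from dataclasses import dataclass

# Placeholder ranges from RFC 5737 documentation space, NOT the filtering
# provider's real addresses; substitute the ranges the provider publishes.
FILTER_NETWORKS = [ipaddress.ip_network(n)
                   for n in ("192.0.2.0/28", "198.51.100.16/29")]
POLICIES = ("auth_required", "auth_disabled", "filter_allowlist")

@dataclass(frozen=True)
class Session:
    peer_ip: str         # address of the connecting SMTP client
    authenticated: bool  # True if the client completed SMTP AUTH
    mail_from: str       # envelope sender the client claimed

def from_filter(peer_ip, networks=FILTER_NETWORKS):
    """True when the peer address lies inside an allowlisted filter range."""
    try:
        addr = ipaddress.ip_address(peer_ip)
    except ValueError:
        return False  # an unparsable peer address is never trusted
    return any(addr in net for net in networks)

def decide(session, policy):
    """Return (accepted, reason) for one session under a named policy."""
    if policy not in POLICIES:
        raise ValueError(f"unknown policy: {policy}")
    if session.authenticated:
        return True, "authenticated"
    if policy == "auth_disabled":
        return True, "no authentication required from anyone"
    if policy == "filter_allowlist" and from_filter(session.peer_ip):
        return True, "unauthenticated, but from a filter range"
    return False, "unauthenticated client not permitted by policy"

def exposure(sessions):
    """Sessions accepted with auth disabled that the allowlist would reject."""
    return [s for s in sessions
            if decide(s, "auth_disabled")[0]
            and not decide(s, "filter_allowlist")[0]]

# Constructed sample sessions, not taken from any real mail log.
SESSIONS = [
    Session("192.0.2.5", False, "sender@example.org"),      # filter hand-off
    Session("203.0.113.77", False, "boss@client.example"),  # forged sender
    Session("203.0.113.20", True, "user@client.example"),   # Outlook user
]

if __name__ == "__main__":
    for s in SESSIONS:
        print(s.peer_ip, {p: decide(s, p)[0] for p in POLICIES})
    print("exposed:", [s.peer_ip for s in exposure(SESSIONS)])
```

The allowlist trusts the source address alone, which is the weaker point the answer mentions.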
