Issue: users in localnet can send emails through 25 port without authentification.
How I can fix it? SMTP must require login and password.
Thx.
I'm just setting up a Zentyal server and am looking at the same thing. Did you try sending mail to an external address, or to an internal one, ie one that the server accepts mail for?
I found that mail to external addresses requires authentication as you would expect. However, for internal addresses, it is not actually relaying, so it will naturally accept it.
But now I have a related query. I would like to allow relaying ONLY via SSL. This is because I want authenticated users outside my network to be able to use my server for relay; but Zentyal only seems to support plaintext password authentication so I need it to be secure.
Of course I cannot just disable regular SMTP since I will receive no mail from other servers! But with regular SMTP open, it also lets authenticated users relay by it. Any ideas?