hmailserver as an automation test platform target?

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
mpking
New user
New user
Posts: 5
Joined: 2020-04-14 16:39

hmailserver as an automation test platform target?

Post by mpking » 2020-04-14 16:53

We're developing a product, and part of it includes a mail client to send email when it has a problem.

Part of our build process include acceptance testing using automation. We need to identify a new mail server to use as a test target (our previous test mail server got corrupted, and the person that originally set it up has moved on).

Our requirements were simple:
  • Unauthenticated SMTP on Port 25
  • Authenticated SMTP SSL/TLS on port 465
  • Authenticated SMTP STARTTLS on port 587
I have the system configured with the ports and connection security I want.

What I'm struggling with is how to require authentication on some ports, but not others.

Is this possible with hmailserver?

User avatar
SorenR
Senior user
Senior user
Posts: 3840
Joined: 2006-08-21 15:38
Location: Denmark

Re: hmailserver as an automation test platform target?

Post by SorenR » 2020-04-14 17:22

mpking wrote:
2020-04-14 16:53
We're developing a product, and part of it includes a mail client to send email when it has a problem.

Part of our build process include acceptance testing using automation. We need to identify a new mail server to use as a test target (our previous test mail server got corrupted, and the person that originally set it up has moved on).

Our requirements were simple:
  • Unauthenticated SMTP on Port 25
  • Authenticated SMTP SSL/TLS on port 465
  • Authenticated SMTP STARTTLS on port 587
I have the system configured with the ports and connection security I want.

What I'm struggling with is how to require authentication on some ports, but not others.

Is this possible with hmailserver?
You don't control authentication per port, you control authentication per (client) IP Range and protocol. Connection security/Certificate is controlled per port.
SørenR.

" I will initiate self-destruct. " — IG-11.

User avatar
Dravion
Senior user
Senior user
Posts: 1688
Joined: 2015-09-26 11:50
Location: Germany
Contact:

Re: hmailserver as an automation test platform target?

Post by Dravion » 2020-04-14 18:41

SorenR wrote:
2020-04-14 17:22

Connection security/Certificate is controlled per port.

Connection security is done by activating SSL/TLS by setting up a SSL-Certificate and ports has nothing to do with Connection security.

mpking
New user
New user
Posts: 5
Joined: 2020-04-14 16:39

Re: hmailserver as an automation test platform target?

Post by mpking » 2020-04-14 18:47

I think we have the SSL/TLS part sorted.

What I was enquiring on, is it possible to have a single client (my test automation machine) be able to require authentication on one port, but not from another.

From Soren's response, it seems the answer is NO, as hmailserver uses IP address to decide if authentication is required or not. I'd have to have two test machines, on different IP's.

Did I understand this right?

User avatar
Dravion
Senior user
Senior user
Posts: 1688
Joined: 2015-09-26 11:50
Location: Germany
Contact:

Re: hmailserver as an automation test platform target?

Post by Dravion » 2020-04-14 19:07

This is correct.

But you can setup multiple ip ranges which will allow authentication for some ip addresses or ranges of ip addresses or even on a single ip address,
so you should get what you want with this method.

User avatar
SorenR
Senior user
Senior user
Posts: 3840
Joined: 2006-08-21 15:38
Location: Denmark

Re: hmailserver as an automation test platform target?

Post by SorenR » 2020-04-14 20:01

Dravion wrote:
2020-04-14 19:07
This is correct.

But you can setup multiple ip ranges which will allow authentication for some ip addresses or ranges of ip addresses or even on a single ip address,
so you should get what you want with this method.
Only if the client bind to different IP addresses per test :idea:
SørenR.

" I will initiate self-destruct. " — IG-11.

palinka
Senior user
Senior user
Posts: 2189
Joined: 2017-09-12 17:57

Re: hmailserver as an automation test platform target?

Post by palinka » 2020-04-14 23:51

mpking wrote:
2020-04-14 16:53

Our requirements were simple:
  • Unauthenticated SMTP on Port 25
  • Authenticated SMTP SSL/TLS on port 465
  • Authenticated SMTP STARTTLS on port 587
Nobody allows unauthenticated mail except (rarely) on local networks. Maybe if you explain the reason why you want to allow unauthenticated 25, we can help you achieve your actual goal.

User avatar
mattg
Moderator
Moderator
Posts: 21117
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hmailserver as an automation test platform target?

Post by mattg » 2020-04-15 15:27

the ini setting to not accept AUTH on port 25 would work


Add this to your hmailserver.ini

Code: Select all

[settings]
DisableAUTHList=25
; Setting DisableAUTHList allows you to specify a comma-separated list of SMTP ports which authentication should not be enabled for.
; This is useful when working with legacy systems with malfunctioning SMTP support.
combined with allowing external to external on your applicable IP range

Make sure this server is locked down and hidden behind firewalls, allowing unauthenticated SMTP on port 25 is a spammers paradise
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

mpking
New user
New user
Posts: 5
Joined: 2020-04-14 16:39

Re: hmailserver as an automation test platform target?

Post by mpking » 2020-04-15 16:03

palinka wrote:
2020-04-14 23:51
mpking wrote:
2020-04-14 16:53
We're developing a product, and part of it includes a mail client to send email when it has a problem.

Part of our build process include acceptance testing using automation. We need to identify a new mail server to use as a test target (our previous test mail server got corrupted, and the person that originally set it up has moved on).
Nobody allows unauthenticated mail except (rarely) on local networks. Maybe if you explain the reason why you want to allow unauthenticated 25, we can help you achieve your actual goal.
I fixed the quote for you. :-)

It's part of our CI Build pipeline. Every check in to the code base, every piece of the product automatically gets exercised by scripts (using Gherkin syntax). You know how some parts of IT equipment email you when a drive fails, or a camera goes offline, or something that shows the health of the system is not 100%? That's what our product does. It yells help.

We can't control what a customer does, so we really have to support everything. (Hence the list of requirements). We'd rather everyone use Authenticated SMTP, using Implicit TLS on port 465. But if the customer doesn't have that setup, then we have to just deal with it.

But from a test perspective, we have to test all combinations.

mpking
New user
New user
Posts: 5
Joined: 2020-04-14 16:39

Re: hmailserver as an automation test platform target?

Post by mpking » 2020-04-15 16:05

mattg wrote:
2020-04-15 15:27
the ini setting to not accept AUTH on port 25 would work


Add this to your hmailserver.ini

Code: Select all

[settings]
DisableAUTHList=25
; Setting DisableAUTHList allows you to specify a comma-separated list of SMTP ports which authentication should not be enabled for.
; This is useful when working with legacy systems with malfunctioning SMTP support.
combined with allowing external to external on your applicable IP range

Make sure this server is locked down and hidden behind firewalls, allowing unauthenticated SMTP on port 25 is a spammers paradise
Thanks!

Yes, the server is in an isolated test enviornment. I'll probably play with the hardening stuff in the Docs to restrict to the netblock of the build server.

User avatar
SorenR
Senior user
Senior user
Posts: 3840
Joined: 2006-08-21 15:38
Location: Denmark

Re: hmailserver as an automation test platform target?

Post by SorenR » 2020-04-15 16:23

mpking wrote:
2020-04-15 16:05
mattg wrote:
2020-04-15 15:27
the ini setting to not accept AUTH on port 25 would work


Add this to your hmailserver.ini

Code: Select all

[settings]
DisableAUTHList=25
; Setting DisableAUTHList allows you to specify a comma-separated list of SMTP ports which authentication should not be enabled for.
; This is useful when working with legacy systems with malfunctioning SMTP support.
combined with allowing external to external on your applicable IP range

Make sure this server is locked down and hidden behind firewalls, allowing unauthenticated SMTP on port 25 is a spammers paradise
Thanks!

Yes, the server is in an isolated test enviornment. I'll probably play with the hardening stuff in the Docs to restrict to the netblock of the build server.
The Admin GUI interfaces with hMailServer via COM/DCOM so if you know your way around COM/DCOM then you can actually configure the server "on the fly" as part of your test strategy.
SørenR.

" I will initiate self-destruct. " — IG-11.

mpking
New user
New user
Posts: 5
Joined: 2020-04-14 16:39

Re: hmailserver as an automation test platform target?

Post by mpking » 2020-04-15 22:10

mattg wrote:
2020-04-15 15:27
the ini setting to not accept AUTH on port 25 would work
I seem to be having an issue with this.

Still requiring AUTH.
Attachments
2020-04-15 16_10_47-161.84.202.213 - Remote Desktop Connection.png
2020-04-15 16_06_33-161.84.202.213 - Remote Desktop Connection.png
2020-04-15 16_05_43-161.84.202.213 - Remote Desktop Connection.png

User avatar
jimimaseye
Moderator
Moderator
Posts: 8780
Joined: 2011-09-08 17:48

Re: hmailserver as an automation test platform target?

Post by jimimaseye » 2020-04-15 22:34

You're blurred redacted log extract doesn't help with the diagnosis. Can you declare the from and vto addresses so we can compare to the setup you have.

My guess is that those addresses are not belonging to accounts in your hmailserver somehow (hence being seen as external).

Also run this and post the results: https://www.hmailserver.com/forum/viewt ... 20&t=30914


[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
SorenR
Senior user
Senior user
Posts: 3840
Joined: 2006-08-21 15:38
Location: Denmark

Re: hmailserver as an automation test platform target?

Post by SorenR » 2020-04-15 22:38

If you enable SMTP and TCP/IP logging in hMailServer you can look in the "hMailServer\Logs" for files like "hmailserver_2020-04-15.log" - no need to use WireShark :mrgreen:

Anyways... "External" means domain NOT hosted on hMailServer, "Local" otoh means a hosted domain.

So if you have acme.inc defined locally and you send from yogi.bear@hanna-barbera.inc to donald.duck@disney.inc that is "External to External" and it requires authentication as per your configuration and that means "530 SMTP authentication is required" is correct.

HOWEVER the setting DisableAUTHList=25 removes the AUTH option from port 25 so that port will NEVER log you on, required or not.

Until you fully get hMailServer (and since it is fully walled) you should comment that line out in the .ini file.
SørenR.

" I will initiate self-destruct. " — IG-11.

Post Reply