CODEWITHSUNDEEP
securityauthenticationsmtp
user2480201
user2480201

Reputation: 151

Cannot authenticate to SMTP server with windows authentication

I've been researching this all day and I'm at my wits end! I simply CANNOT get my smtp server to authenticate with my windows user - what am I doing wrong?? I keep getting the error:

The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.3 Client was not authenticated

My smtp is set up with Authentication set to Integrated Windows Authentication in the access tab:

enter image description here

And my Relay Restrictions are set to Only the list below and I've got 127.0.0.1 added to the list. I've also checked the box for Allow all computers which successfully authenticate to relay, regardless of the list above:

enter image description here

Everything else is still set to its default value. My code says:

var objMessage = new MailMessage("[email protected]", "[email protected]");

// format subject and message
objMessage.Subject = "testing email";
objMessage.Body = "blah blah";

using (var client = new SmtpClient())
{
    client.Host = "127.0.0.1";
    client.Port = 25;
    client.UseDefaultCredentials = false;
    client.Credentials = new System.Net.NetworkCredential("SMTPuser", "mypassword");
    client.Send(objMessage);
}

And I've created a standard Windows user SMTPuser on the machine with the matching password. I'm baffled. How is this Windows Authentication supposed to work? What assumptions did I get wrong? Why am I only able to send when all my security levels are set to Anonymous?

All I want to do is send mail to any domain (I don't need to receive mail), and obviously protect my server from spammers using it to send out their spam. For now, the only legitimate access should be coming from localhost. From the research that I did, it seems like I could accomplish what I want by setting everything to anonymous, but then limiting the connections to 127.0.0.1 and the relay restrictions to 127.0.0.1 - is that right? I'm on the verge of resorting to that, but I'd really like to understand how this works especially in the case where I might want to remotely access the smtp server one day.

Am I way off base to think I could set up a server that would allow anybody who can authenticate with my SMTPuser Windows login to be able to use my smtp server to send email to any domain?

Upvotes: 3

Views: 7706

Answers (1)

krisku
krisku

Reputation: 3991

You should enable Basic authentication in your SMTP service, because the SmtpClient class does not use Integrated Windows Authentication.

It is also sufficient to limit access to the SMTP service for 127.0.0.1 only, as that will effectively prevent anyone from the outside to use the service.

Upvotes: 4

Related Questions