GWIA to GWIA Authentication, and User Authentication

--____LPHMXLZMXOMRLFKSEJCW____
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

The GWIA documentation portions quoted below are rather vague. Here is =
what I want to do: I have a NW6.5 based GWIA inside a firewall that =
handles all traffic to a mail relay host for inbound and outbound =
messages. I have a Second GWIA in a DMZ for IMAP users. I want the Second =
GWIA to authenticate users before accepting any mail to send, and then I =
want it to push everything to the inside GWIA to for relay to the relay =
host. How can I do this?

Outbound Authentication
For outbound authentication to other SMTP hosts, the Internet Agent =
requires that the remote SMTP hosts support the AUTH LOGIN authentication =
method. To set up outbound authentication:
1 Include the remote SMTP host's domain name an authentication credentials =
in the gwauth.cfg file, located in the domain\wpgate\gwia directory. The =
format is: domain_name authuser authpassword For example: smtp.novell.com =
remotehost novell
2 If you have multiple SMTP hosts that require authentication before they =
will accept messages from your system, create an entry for each host. Make =
sure to include a hard return after the last entry.
3 If you want to allow the Internet Agent to send messages only to SMTP =
hosts listed in the gwauth.cfg file, use the following startup switch:=20
/forceoutboundauth
With the /forceoutboundauth switch enabled, if a message is sent to an =
SMTP host not listed in the gwauth.cfg file, the sender will receive an =
Undeliverable message.
Inbound Authentication
For inbound authentication from other SMTP hosts, you can use the =
/forceinboundauth startup switch to ensure that the Internet Agent accepts =
messages only from SMTP hosts that use the AUTH LOGIN authentication =
method to provide a valid GroupWise user ID and password. The remote SMTP =
hosts can use any valid GroupWise user ID and password. However, for =
security reasons, we recommend that you create a dedicated GroupWise user =
account for remote SMTP host authentication.

--____LPHMXLZMXOMRLFKSEJCW____
Content-Type: multipart/related; boundary="____WHPEPQYSAQXEHDGESJXG____"


--____WHPEPQYSAQXEHDGESJXG____
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Diso-8859-1"=
>
<META content=3D"MSHTML 6.00.2800.1479" name=3DGENERATOR></HEAD>
<BODY style=3D"MARGIN: 4px 4px 1px; FONT: 10pt Tahoma">
<DIV>The GWIA documentation portions quoted below are rather vague. Here =
is what I want to do: I have a NW6.5 based GWIA inside a firewall that =
handles all traffic to a mail relay host for inbound and outbound =
messages. I have a Second GWIA in a DMZ for IMAP users. I want the Second =
GWIA to authenticate users before accepting any mail to send, and then I =
want it to push everything to the inside GWIA to for relay to the relay =
host. How can I do this?</DIV>
<DIV><STRONG></STRONG>&nbsp;</DIV>
<DIV><STRONG>Outbound Authentication</STRONG></DIV>
<DIV>For outbound authentication to other SMTP hosts, the Internet Agent =
requires that the remote SMTP hosts support the AUTH LOGIN authentication =
method. To set up outbound authentication:<BR>1 Include the remote SMTP =
host's domain name an authentication credentials in the gwauth.cfg file, =
located in the domain\wpgate\gwia directory. The format is: domain_name =
authuser authpassword For example: smtp.novell.com remotehost novell</DIV>
<DIV>2 If you have multiple SMTP hosts that require authentication before =
they will accept messages from your system, create an entry for each host. =
Make sure to include a hard return after the last entry.</DIV>
<DIV>3 If you want to allow the Internet Agent to send messages only to =
SMTP hosts listed in the gwauth.cfg file, use the following startup =
switch: </DIV>
<DIV>/forceoutboundauth</DIV>
<DIV>With the /forceoutboundauth switch enabled, if a message is sent to =
an SMTP host not listed in the gwauth.cfg file, the sender will receive an =
Undeliverable message.</DIV>
<DIV><STRONG>Inbound Authentication</STRONG><BR>For inbound authentication =
from other SMTP hosts, you can use the /forceinboundauth startup switch to =
ensure that the Internet Agent accepts messages only from SMTP hosts that =
use the AUTH LOGIN authentication method to provide a valid GroupWise user =
ID and password. The remote SMTP hosts can use any valid GroupWise user ID =
and password. However, for security reasons, we recommend that you create =
a dedicated GroupWise user account for remote SMTP host authentication.</DI=
V></BODY></HTML>

--____WHPEPQYSAQXEHDGESJXG____--

--____LPHMXLZMXOMRLFKSEJCW____--
0
dhlb1
1/29/2005 8:01:21 PM
novell.groupwise.6x.gwia 5303 articles. 0 followers. Follow

3 Replies
538 Views

Similar Articles

[PageSpeed] 52

Err, umm How do I say this...  This is the wrong direction.

IMAP clients cannot send anything to a GW system without
authentication (and that is controlled through the access control for
that GWIA in ConsoleOne)

If an inbound message is received from an IMAP client to go to the
Internet, and the GWIA is not the designated "Internet" GWIA then the
traffic will be routed between the two GWIAs and their MTA's

The Authlogin is between your GWIA and another companies GWIA (or
SMTP) so that they know who you are.




On Sat, 29 Jan 2005 20:01:21 GMT, dhlb1@netscape.net
<dhlb1@netscape.net> wrote:

>The GWIA documentation portions quoted below are rather vague. Here is what I want to do: I have a NW6.5 based GWIA inside a firewall that handles all traffic to a mail relay host for inbound and outbound messages. I have a Second GWIA in a DMZ for IMAP users. I want the Second GWIA to authenticate users before accepting any mail to send, and then I want it to push everything to the inside GWIA to for relay to the relay host. How can I do this?
>
>Outbound Authentication
>For outbound authentication to other SMTP hosts, the Internet Agent requires that the remote SMTP hosts support the AUTH LOGIN authentication method. To set up outbound authentication:
>1 Include the remote SMTP host's domain name an authentication credentials in the gwauth.cfg file, located in the domain\wpgate\gwia directory. The format is: domain_name authuser authpassword For example: smtp.novell.com remotehost novell
>2 If you have multiple SMTP hosts that require authentication before they will accept messages from your system, create an entry for each host. Make sure to include a hard return after the last entry.
>3 If you want to allow the Internet Agent to send messages only to SMTP hosts listed in the gwauth.cfg file, use the following startup switch: 
>/forceoutboundauth
>With the /forceoutboundauth switch enabled, if a message is sent to an SMTP host not listed in the gwauth.cfg file, the sender will receive an Undeliverable message.
>Inbound Authentication
>For inbound authentication from other SMTP hosts, you can use the /forceinboundauth startup switch to ensure that the Internet Agent accepts messages only from SMTP hosts that use the AUTH LOGIN authentication method to provide a valid GroupWise user ID and password. The remote SMTP hosts can use any valid GroupWise user ID and password. However, for security reasons, we recommend that you create a dedicated GroupWise user account for remote SMTP host authentication.

Tim
___________________
Tim Heywood (SYSOP)
NDS8
Scotland
(God's Country)
___________________

In theory, practice and theory are the same
In Practice, they are different
0
Tim
1/30/2005 3:54:50 PM
> Err, umm How do I say this...  This is the wrong direction.
> 
> IMAP clients cannot send anything to a GW system without
> authentication (and that is controlled through the access control for
> that GWIA in ConsoleOne)
> 
> If an inbound message is received from an IMAP client to go to the
> Internet, and the GWIA is not the designated "Internet" GWIA then the
> traffic will be routed between the two GWIAs and their MTA's
> 
> The Authlogin is between your GWIA and another companies GWIA (or
> SMTP) so that they know who you are.
> 
> 
> 
> 
> On Sat, 29 Jan 2005 20:01:21 GMT, dhlb1@netscape.net
> <dhlb1@netscape.net> wrote:
> 
> >The GWIA documentation portions quoted below are rather vague. Here is
what I want to do: I have a NW6.5 based GWIA inside a firewall that handles
all traffic to a mail relay host for inbound and outbound messages. I have
a Second GWIA in a DMZ for IMAP users. I want the Second GWIA to
authenticate users before accepting any mail to send, and then I want it to
push everything to the inside GWIA to for relay to the relay host. How can
I do this?
> >
> >Outbound Authentication
> >For outbound authentication to other SMTP hosts, the Internet Agent
requires that the remote SMTP hosts support the AUTH LOGIN authentication
method. To set up outbound authentication:
> >1 Include the remote SMTP host's domain name an authentication
credentials in the gwauth.cfg file, located in the domain\wpgate\gwia
directory. The format is: domain_name authuser authpassword For example:
smtp.novell.com remotehost novell
> >2 If you have multiple SMTP hosts that require authentication before
they will accept messages from your system, create an entry for each host.
Make sure to include a hard return after the last entry.
> >3 If you want to allow the Internet Agent to send messages only to SMTP
hosts listed in the gwauth.cfg file, use the following startup switch: 
> >/forceoutboundauth
> >With the /forceoutboundauth switch enabled, if a message is sent to an
SMTP host not listed in the gwauth.cfg file, the sender will receive an
Undeliverable message.
> >Inbound Authentication
> >For inbound authentication from other SMTP hosts, you can use the
/forceinboundauth startup switch to ensure that the Internet Agent accepts
messages only from SMTP hosts that use the AUTH LOGIN authentication method
to provide a valid GroupWise user ID and password. The remote SMTP hosts
can use any valid GroupWise user ID and password. However, for security
reasons, we recommend that you create a dedicated GroupWise user account
for remote SMTP host authentication.
> 
> Tim
> ___________________
> Tim Heywood (SYSOP)
> NDS8
> Scotland
> (God's Country)
> ___________________
> 
> In theory, practice and theory are the same
> In Practice, they are different


Thanks Tim. After I posted this I started wondering if the MTA would handle
everything. My main worry was that I don't let spammers get into the
system. -- By the way I am in the USA; been to Scotland twice and plan to
go back this summer. -- David
0
dhlb1
1/30/2005 9:49:37 PM
Quite welcome,

I pop over that side of the pond quite often too...

BrainShare in 6 weeks!  Yippee



On Sun, 30 Jan 2005 21:49:37 GMT, dhlb1@netscape.net wrote:

>
>
>Thanks Tim. After I posted this I started wondering if the MTA would handle
>everything. My main worry was that I don't let spammers get into the
>system. -- By the way I am in the USA; been to Scotland twice and plan to
>go back this summer. -- David

Tim
___________________
Tim Heywood (SYSOP)
NDS8
Scotland
(God's Country)
___________________

In theory, practice and theory are the same
In Practice, they are different
0
Tim
1/31/2005 8:09:21 AM
Reply:

Similar Artilces:

To Gwia or not to Gwia
Hi everyone. I have 6.5.7 that is on a 10+ years box. It's time to put it to rest - I said but the boss does not want to spend the money - heard that before! It a suite using on GW and Gwava no other products. There are worried about email failure. So I'm trying GWAVA's Reload product. It works fine for the backup and the disaster recovery BUT you have no Gwia. Can I set up another Netware box with just the Gwia on it and disable the main box Gwia so that when the system fails ( and it will) we will have a email running service? Also is there a license issue here...

GWIA authentication
when i specify /forceinboundauth on loading gwia it does not seem to have any effect?? I can still send mail through without supplying a password? I am using "smtp diagnostics" utility to send the messages. Any ideas? Also is this option replicated in console1 as I could not find it Rob -- twinturbo ------------------------------------------------------------------------ Rob, did you restart the GWIA? Else I can only imagine you edit the wrong gwia.cfg. AFAIK there's no corresponding setting in C1. Uwe ...

GWIA 55EP2 and GWIA 6x Differences
Hello, I am reading the Groupwise upgrade guide, as we are planning to upgrade from GW 55EP2 to GW 6.x. In there, it mentions that we may not want to upgrade right away to a 6.x GWIA, especially if we support POP3 or IMAP clients. And it seems to indicate that the GroupWise post offices now talk directly to a 6.x GWIA, while a 5.x GWIA always communicates through the MTA. Can someone explain to me the differences in the GWIA's so we can deploy our GW upgrade without surprises? We have a single GroupWise domain, Single GWIA, Single MTA, and 8 post offices distributed on ...

groupwise 5.5 GWIA out
i'm getting this message "Mailer-Daemon@gwiaout.mycompanydomain.com" The message that you sent was undeliverable to the following: amoralezz@yahoo.com (access denied) Possibly truncated original message follows: when we use other email clients to send e-mails out. if anyone knows what is wrong please help me. we run Groupwise 5.5 regards, anthony Look at GWIA Access Control -- Michael J. Bell Novell Support Connection Volunteer Sysop Author of Guinevere (http://www.openhandhome.com) PLEASE: Do not e-mail me privately unless specifically asked. I...

groupwise 5.5 gwia out
I've tested out 2 different e-mail clients our .bat one and outlook express. i think our GWIA-Out is having a problem sending mail using those clients. Could there be something in the way it processes the mail that is coming from an e-mail client that is not groupwise 5.5 mail client? regards, anthony Naw, but it's nearly impossible to safely set up 5.x in a way you don't expose yourself for spam relay... -- Michael J. Bell Novell Support Connection Volunteer Sysop Author of Guinevere (http://www.openhandhome.com) PLEASE: Do not e-mail me privately unless ...

GWIA Authentication Question
I have a client who is running a GW7 system behind a MailScanner filter for virus/spam checking. The main issue is that they insist on having open POP/SMTP to the GW system for external users, this means that I have to open port 25 on the GWIA to the web and spammers have found the address and are bypassing the MailScanner. My question is this, is there a way with GWIA 7.02 to only allow incoming SMTP from authenticated users or the relay box? I can not just use a blanket block as I do not know what ip addresses the users will be coming in on. Thanks in Advance Paul O...

GWIA authentication parameters
I have GW and Netmail running here. Netmail sends and receives all mail from the internet. I would like to activate the "Only authenticated users can send mail" option in Netmail. A long time ago some one mentioned there was something in the works for GWIA to be able to send authentication info with the message so Netmail can resend. Did that ever get incorporated? If not, how else can I stop the messages being relayed off my NM server from the internet but still allow GW to use NM as a relay? Thanks, Brian No such animal exists. You'd have to have Ne...

SMTP Authentication on GWIA
An ISP that I use is changing their mail servers, and the one they want us to use will require SMTP authentication, that is if we want to relay out through their virus checking mail server. Does GWIA 6 support authentication, nothing obvious in the config. Stuart. Stuartr@nospam.please (Stuart Robinson) wrote in news:memo.20050218075046.484B@srnet.compulink.co.uk: > Does GWIA 6 support authentication, nothing obvious in the config. Not sure, maybe it was added with SP4. Search for "forceoutboundauth" in the documentation. Uwe -- Novell Support Conn...

gwia smtp authentication
Hello, the gwia (gw651) schould send to smtp host with authentication, how to configure smtp authetication, because i get the 530 error ... any ideas helge Helge, it is in the product documentation. Basically you need a file server:volume\domaindir\wpgate\gwia\gwauth.cfg which contains one line per host smtp.example.com username password Make sure you have a hard return after the last line. HTH Uwe -- Novell Support Connection Volunteer SysOp Please don't send me support related e-mail unless I ask you to do so. ...

Authenticated IMAP to gwia?
Hi, I want to enable authentication over secure port to IMAP my gwia from outside. How do I do it. Any documentation or any thing I should be aware of? Sincerely, DB -- *************** Dominicus B architect Southern Finland Novell Newbe DominicusB wrote: > I want to enable authentication over secure port to IMAP my gwia from > outside. > How do I do it. Any documentation or any thing I should be aware of? This should get you started http://support.novell.com/cgi-bin/search/searchtid.cgi?10068982.htm -- Jim NSC SYsop Thanks, just what I needed. D...

Authenticated login to GWIA
We have an internal application that use SMTP to send out messages. We currently use our ISP SMTP server to connect to their smtp server and send out emails to the outside or back to internal users. We would like to instead use the same software with our GW7.01 system to use our internal SMTP server to process these emails, thus not being dependent on our outside ISP's system. However, we can do this just fine when we want to send emails to users in our gwdomain ....@mycompany.com. However, when we send to users outside our domain, .....@someoutsidecompany.com, it does ...

GWIA
Just upgraded to Groupwise 7.0 I get the following error message when trying to send outbound messages (553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)) Not a GW message. You are using a SMTP relay and you used to bind to one IP address and now you are not? My best guess is that you used to have the "Bind IP at Load Time" ticked (under SMTP) and now you don't On Sat, 01 Apr 2006 09:22:23 GMT, wbl_1@hotmail.com wrote: >Just upgraded to Groupwise 7.0 I get the following error message when >trying to send outbound messages (5...

GWIA
I have GroupWise 6.0 with GW6SP3m installed. I must sent my outgoing mails via a gateway which needs authentification. Does anyone know if AUTH is possible with GWIA from GroupWise 6.0? I found something similar in GroupWise 6.5 but I have GroupWise 6.0. Thanks.. Hi, Markus Herbert wrote: > > I have GroupWise 6.0 with GW6SP3m installed. I must sent my outgoing mails > via a gateway which needs authentification. Does anyone know if AUTH is > possible with GWIA from GroupWise 6.0? > I found something similar in GroupWise 6.5 but I have GroupWise 6.0. ...

GWIA
I have a small GW setup with 1 domain, 2 PO's (1 at HO and 1 at branch office), 2 MTA's (1 for WA) and the GWIA. If I move my Internet connection away from HO to the branch office is it ok to setup a secondary domain at the branch office and run the GWIA in that until I can move all of the domain structure to the branch office at a later date?? Thanks, Paul. Hi, Sure, this wont be a problem. Create your secondary domain at them branch, and setup the new GWIA there. In ConsoleOne, goto tools menu -> system operations -> internet addressing and sel...

Web resources about - GWIA to GWIA Authentication, and User Authentication - novell.groupwise.6x.gwia

Authentication - Wikipedia, the free encyclopedia
Authentication (from Greek : αὐθεντικός authentikos , "real, genuine," from αὐθέντης authentes , "author") is the act of confirming the truth ...

Authentication - Facebook-Entwickler
Please note: On October 3, 2012, the offline_access permission will be removed. If you are building...

Facebook Adds Two Factor Authentication for Login and Redesigns Family Safety Center
... announced the release of several new tools to help users stay safe while using the site. Soon, users will be able to enable two factor authentication ...

Lockdown - A better two-factor authentication experience on the App Store on iTunes
Get Lockdown - A better two-factor authentication experience on the App Store. See screenshots and ratings, and read customer reviews.


YouTube - How To Hack Twitter's New Two Factor Authentication
Veröffentlicht am 23.05.2013 Connect! http://toopher.com http://facebook.com/toopherinc http://twitter.com/toopher CEO Josh Alexander wants ...

SafeNet brings Cloud-based authentication service to A/NZ
SafeNet has released its new Cloud-based authentication service, billed as Authentication-as-a-Service, in A/NZ.

Two-factor authentication - cyber security -
Two recent hacking cases highlight how personal emails can impact overall business security through tiny weaknesses.

Digital authentication to become Google's next big focus
Streamlining the website login process a top priority, according to the company’s Australian business and consumer services manager Dan Metcalf. ...

Hands on: Twitter two-factor authentication
Optus and Vodafone customers need not apply when it comes to Twitter's two-factor authentication.

Resources last updated: 1/21/2016 2:06:50 PM