Enabling RequireTLS on Exchange Send Connectors

scottalanmiller

Probably best to not have business emails going to Cox home freebie accounts.

Dashrender

Does anyone have a yahoo.com email account I can test?

JaredBusch

@Dashrender check telegram

Dashrender

While there appears to be a delay at times it is working.

Here's yahoo's ehlo reply

https://i.imgur.com/XI7wxKz.png

Dashrender

And hotmail.com

https://i.imgur.com/1MLSTcf.png

scottalanmiller

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

Dashrender

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

scottalanmiller

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

That is odd for sure.

scottalanmiller

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

No wait, that's not odd. SMTP doesn't pass credentials, IMAP does. They are protecting the log in.

Dashrender

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

No wait, that's not odd. SMTP doesn't pass credentials, IMAP does. They are protecting the log in.

They require logon for sending too.

scottalanmiller

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

No wait, that's not odd. SMTP doesn't pass credentials, IMAP does. They are protecting the log in.

They require logon for sending too.

Wrong part of the connection, though. The SMTP to the other serves doesn't have the creds even if you enter them earlier.

Dashrender

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

No wait, that's not odd. SMTP doesn't pass credentials, IMAP does. They are protecting the log in.

They require logon for sending too.

Wrong part of the connection, though. The SMTP to the other serves doesn't have the creds even if you enter them earlier.

I might not understand how email from a client device (like Outlook, Thunderbird) works with regards to SMTP, not MAPI/ActiveSync.

My understanding is that authentication is required to keep spammers from relaying through them.

Dashrender

Good news, 5 days so far, and only Cox.net has failed.

brianlittlejohn

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

No wait, that's not odd. SMTP doesn't pass credentials, IMAP does. They are protecting the log in.

They require logon for sending too.

Wrong part of the connection, though. The SMTP to the other serves doesn't have the creds even if you enter them earlier.

I might not understand how email from a client device (like Outlook, Thunderbird) works with regards to SMTP, not MAPI/ActiveSync.

My understanding is that authentication is required to keep spammers from relaying through them.

They require credentials to relay outgoing messages to external domains, but incoming messages for cox.net the smtp server accepts without authentication.

Dashrender

spoke to soon, just people aren't reporting issues.

https://i.imgur.com/Z0O4DcO.png

This is a lawfirm.

Dashrender

@brianlittlejohn said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

@scottalanmiller said in Enabling RequireTLS on Exchange Send Connectors:

Looks like only some silly home user freebie email addresses likely to be an issue. Those people all have the option of good, free secure email if they need access like that, too.

What's weird is that Cox requires the use of TLS to download your email through pop or IMAP.

No wait, that's not odd. SMTP doesn't pass credentials, IMAP does. They are protecting the log in.

They require logon for sending too.

Wrong part of the connection, though. The SMTP to the other serves doesn't have the creds even if you enter them earlier.

I might not understand how email from a client device (like Outlook, Thunderbird) works with regards to SMTP, not MAPI/ActiveSync.

My understanding is that authentication is required to keep spammers from relaying through them.

They require credentials to relay outgoing messages to external domains, but incoming messages for cox.net the smtp server accepts without authentication.

Right - I understand this for normal server to server SMTP, but I'm talking about client to server SMTP.
could they be, sure, and if they are, well then SMTP doesn't need to be authenticated unless the sending side is trying to have Cox act as a relay.

JaredBusch

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

spoke to soon, just people aren't reporting issues.

But are people handling it with the recipient another way? If so, win.

JaredBusch

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

https://i.imgur.com/Z0O4DcO.png

This is a lawfirm.

With a local server not behind some spam service I bet.

Dashrender

@JaredBusch said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

spoke to soon, just people aren't reporting issues.

But are people handling it with the recipient another way? If so, win.

Well the boss just called and said - I have a problem - fix it. Sooooo, no they aren't handling it another way, at least not yet.

I've sent a message to their whois listed technical contact.

Dashrender

@JaredBusch said in Enabling RequireTLS on Exchange Send Connectors:

@Dashrender said in Enabling RequireTLS on Exchange Send Connectors:

https://i.imgur.com/Z0O4DcO.png

This is a lawfirm.

With a local server not behind some spam service I bet.

That's hard to say. I do know that their SMTP out IP address was GEO tagged as coming from Europe, so my spam filter used to block them, but I have to remind myself that Geo tracking IPs is pretty unreliable these days...