Enable Port 25 Authenitcation

felixthecat · March 14, 2019, 1:49am

Hello,

I have been using MIAB for quite sometime. The new upgrade is much better now. However, I have a legacy software for our Insurance Management System that requires and will ONLY work with port 25 authentication ssl.

I never would have thought this would have been eliminated (better yet I should have ready the changelog DUH!) and now none of our agents can send out faxes, emails to clients or MGA’s.

Is there a way to put this back or turn it back on. EXTREMELY important…

Eliter · March 14, 2019, 4:12pm

I’m not sure I understand what you’re saying. How do faxes have anything to do with mail servers?

itsbhanusharma · March 14, 2019, 5:13pm

From what I believe, they may be using some sort of Email to Fax service.

alento · March 14, 2019, 5:23pm

I know that this is not going to be helpful … sorry. But maybe it is time to update the old software?

That said … yes, there is likely a way to do this as it is only a config in Postfix, but I am afraid that until someone comes along who is an expert with Postfix exactly HOW will remain a mystery.

Might I suggest popping in to the Slack channel @felixthecat ? There are a couple of SysAdmins who hang out there who might be able to guide you to making this ‘unsupported modification’ to your MiaB.

murgero · March 14, 2019, 5:26pm

Who wrote this software, port 25 should not be used with SSL.

Anyway, try an SMTP proxy script running on a different server to act as a sort of middle man.

felixthecat · March 15, 2019, 12:57am

It’s a software specifically designed for insurance agencies. They are worried more about making it more pretty than dealing with the real issues at hand and thats getting the built in email client up to date and for heavens sake, finally come up with a 64 bit as the access databases can’t handle the limit on the 32 bit open streams.

Every single one of our offices has the software which is centralized via VDI and DaaS. Every single customer gets put into this Insurance Agency Management System which makes the offices paperless, so when any agent needs to email a fax, email a document, and etc from it’s outdated hard coded email client, the new changes to MiaB from the update and turning off port 25 authentication seriously broke everything. As I said, yes, I’m and idiot for not reading the Changelog, but it’s a change I would never have expected so I wasn’t out “looking for it”.

It was working as it should perfectly until the update and I saw somewhere on here that the Developer would help anyone that still needs this legacy access but when I signed up and went back to where he said it, it was gone and was entirely in a different thread, so I’m reaching out for some help as the agents are having a hard time doing their work and having to save the scanned image and make a copy on their desktop then email from outlook when it all was designed to work within the software.

murgero · March 15, 2019, 1:04am

You should just setup an SMTP proxy:

felixthecat · March 15, 2019, 1:05am

If all else fails, that looks like a perfect solution @murgero I will start reading up on it. Just create it as a VM in the DaaS enviroment.

murgero · March 15, 2019, 1:06am

Yep, pretty much

Create VM
Configure it to authenticate with a generic account to MIAB
Configure insurance software to use the new VM proxy boy to proxy the emails
profit
look like a bad ass to boss?

felixthecat · March 15, 2019, 1:08am

Thank you very much @murgero. I’ll get this all set up tonight.

alento · March 15, 2019, 1:13am

Hmmm … I wonder if that would work on the box itself??? Thoughts @murgero?

murgero · March 15, 2019, 1:13am

Would it? Yes. Should we though? No. MIAB is for MIAB.

But in theory you totally could.

alento · March 15, 2019, 1:14am

Agreed! But inquiring minds need to know.

murgero · March 15, 2019, 1:34am

Python is already installed, so it would be a matter of setting up the script as a service
(This is not supported by MIAB!)

[mailproxy.service]

[Unit]
Description=MailProxy Service
After=network.target
StartLimitIntervalSec=0

[Service]
Type=simple
Restart=always
RestartSec=1
User=mailinabox
ExecStart=/usr/bin/python /opt/mailproxy/mailproxy.py

[Install]
WantedBy=multi-user.target

[config.ini] (In /opt/mailproxy next to mailproxy.py!!)

[local]
host = 0.0.0.0
;port above 1024 because non-root user.
port = 2525

[remote]
host = box.urgero.org
port = 587
;Not SSL here, use TLS. Proxy will *serve* port 2525 without auth and without ssl/tls.
use_ssl = no
starttls = yes
smtp_auth = yes
smtp_auth_user = username@example.com
smtp_auth_password = SomeComplicatedPasswordForTheAccount1234

felixthecat · March 15, 2019, 1:36am

@murgero, your help is GREATLY appreciated.

murgero · March 15, 2019, 1:37am

The service idea isn’t tested, and is not a supported modification of MIAB just fyi. Use at your own risk. A Separate VM is the better option out of the two.

felixthecat · March 15, 2019, 1:39am

VM is already built on the network. MIAB is tightly hardcoded so there would be no chance I would run it on that server. You saved me A LOT of headache.

murgero · March 15, 2019, 1:40am

Always happy to help! In the event you have any more questions, or need an urgent question answered, contact me using my website, https://urgero.org, via FB, Telegram, etc.

murgero · March 15, 2019, 1:41am

Oh I forgot to mention, that service idea should be able to run on that other VM you just made. if you need it to run in the background.

As a bonus, you can have the service run as root, and change the proxy port to 25 if you need to do that.

(Why worry about security? You’re already running crappy, insecure software for the insurance, not of your own fault tho)

felixthecat · March 15, 2019, 1:42am

already implemented it