SOGo - BTS - SOGo
View Issue Details
0000031SOGoBackend Mailpublic2009-06-23 04:062018-05-15 10:39
djordjije 
 
normalfeaturealways
newopen 
 
 
0000031: Support for SMTP SASL AUTH and SMTP TLS/SSL
It would be very nice if you can add support for SMTP SASL and SMTP
over TLS/SSL in the next version of SOGo.
There are lot of examples of SMTP server (MTA) configurations that
require user's authentication:
For example, there might be "protected" mail destination addresses,
for example internal or restricted mailing lists, so that only
specific set of authenticated senders can post their messages to these
lists.
Or, second example is usage of Autoresponse - autoresponder for the
Postfix MTA (for more details please see:
http://nefaria.com/?page_id=3D7 [^]). SMTP SASL authentication is also
required, in order to ensure that only appropriate authenticated user
can set autoresponse (vacation) message.
No tags attached.
related to 0003374new  Sogo SMTP Client drops with ERROR "Could not connect to the SMTP server XXX.XXX.XXX.XXX on port 25" 
Issue History
2009-06-23 04:06djordjijeNew Issue
2010-02-23 10:02MSmiatekNote Added: 0000626
2010-02-23 10:02MSmiatekNote Edited: 0000626
2011-07-31 09:44maybeeNote Added: 0002771
2011-07-31 10:29corradofioreNote Added: 0002772
2011-11-16 07:01ffischerNote Added: 0003010
2014-01-28 08:05michal_bNote Added: 0006446
2014-01-29 13:11Christian MackNote Added: 0006455
2014-02-01 16:38michal_bNote Added: 0006467
2014-03-03 09:24tanstaaflNote Added: 0006604
2014-03-05 22:32obnoxNote Added: 0006644
2014-03-06 08:05tanstaaflNote Added: 0006653
2014-03-06 08:07tanstaaflNote Added: 0006654
2015-05-04 15:18jcebNote Added: 0008445
2015-06-08 17:45djordjijeNote Added: 0008601
2015-10-29 15:29francisRelationship addedrelated to 0003374
2015-10-31 21:04zhbNote Added: 0009063
2016-04-01 02:41zhbNote Added: 0009912
2016-09-08 10:33zhbNote Added: 0010638
2017-04-23 07:17razNote Added: 0011751
2017-04-23 07:18razNote Edited: 0011751bug_revision_view_page.php?bugnote_id=11751#r930
2017-04-23 07:19razNote Edited: 0011751bug_revision_view_page.php?bugnote_id=11751#r931
2017-07-05 18:45pavinjosephNote Added: 0012038
2018-05-07 22:53zhbNote Added: 0012867
2018-05-15 10:38KhusseinNote Added: 0012879
2018-05-15 10:39KhusseinNote Edited: 0012879bug_revision_view_page.php?bugnote_id=12879#r1115

Notes
(0000626)
MSmiatek   
2010-02-23 10:02   
I need SASL support too :)
its not a good way to whitelist the hole sogo server on the mailsystem for everything

(0002771)
maybee   
2011-07-31 09:44   
I hope that this feature will be developed soon, otherwise I have to switch the groupware again :(
(0002772)
corradofiore   
2011-07-31 10:29   
Since there are many people interested in having this feature implemented, maybe we could ask for an estimate to Inverse and share the expense.
(0003010)
ffischer   
2011-11-16 07:01   
+1 for SMTP AUTH

Could Pantomime be used for this? http://www.collaboration-world.com/pantomime [^]
(0006446)
michal_b   
2014-01-28 08:05   
I am also very interested in such ability (both SASL Auth, TLS/SSL for SMTP). I am a bit surprised that this feature is not included it today.
Please take an attention to this request.
thank you!
(0006455)
Christian Mack   
2014-01-29 13:11   
Auth PLAIN is implemented for SMTP, but without TLS/SSL.

As workaround we use stunnel in order to get STARTTLS encrypted connections to our mailserver.
(0006467)
michal_b   
2014-02-01 16:38   
Hi Chris, yes, thank you. With stunnel it is possible to use SSL/TLS. I have just implemented it and it works. Just for completeness the different tcp port for inbound stunnel can be defined using "host:port" format of "SOGoSMTPServer" parameter.
(0006604)
tanstaafl   
2014-03-03 09:24   
stunnel is simply a workaround.

Direct support for STARTTLS is really a mandatory thing in the SMTP/IMAP/POP world these days.

+1 for implementing real STARTTLS support.
(0006644)
obnox   
2014-03-05 22:32   
+1 for STARTTLS of course

But please also consider implementing CRAM-MD5 AUTH method at least (DIGEST-MD5 would also be great).

Please don't stick only with PLAIN and/or LOGIN methods which are outdated. Digests a WAY more secure than anything else even without encryption!
(0006653)
tanstaafl   
2014-03-06 08:05   
@obnox

One thing at a time, please. Let's get proper STARTTLS working first (with PLAIN and LOGIN).

Then you can create feature requests for adding different/additional methods/mechanisms.
(0006654)
tanstaafl   
2014-03-06 08:07   
Question...

This feature request was opened in June of 2009 - almost 5 YEARS ago.

Does this mean there is no real interest by the developers to get it working?

I can't imagine it would be *that* hard - I mean, there *has* to be some open source code out there that you can 'borrow' for the heavy lifting?
(0008445)
jceb   
2015-05-04 15:18   
+1 for STARTTLS. Is there any news on this issue?
(0008601)
djordjije   
2015-06-08 17:45   
6 years old issue. any news on this issue?
(0009063)
zhb   
2015-10-31 21:04   
Please implement this feature, it's really useful.
(0009912)
zhb   
2016-04-01 02:41   
Dear developers,

Any update on this 7-year old feature request? SMTP over TLS is really a mandatory feature nowaday.
(0010638)
zhb   
2016-09-08 10:33   
Dear developers,

Any update? Still no plan to support SMTP over TLS?
(0011751)
raz   
2017-04-23 07:17   
(edited on: 2017-04-23 07:19)
Hey guys,
Is the smtp over tls auth feature in progress?
any news about it?

(0012038)
pavinjoseph   
2017-07-05 18:45   
Hope to have STARTTLS/TLS support soon!
(0012867)
zhb   
2018-05-07 22:53   
Dear developers,

Any update? Still no plan to support SMTP over TLS?
(0012879)
Khussein   
2018-05-15 10:38   
(edited on: 2018-05-15 10:39)
Hello Devs,

any chance to add this feature in next version, would be great.