Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Problem With SMTP Server

 
John Ray Allen
Ranch Hand
Posts: 50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a problem regarding on the authentication of Emails on my application. Is it OK if my Java Program will be the one who will validate and authenticate the Email instead of the SMTP server? If it is possible how can I do that guys...I need to hear your opinions regarding on this matter guys..Thanks!
 
M Beck
Ranch Hand
Posts: 323
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
it's not exactly clear what you're trying to ask, but... most SMTP servers aren't going to care what your Java program does or does not do. if the SMTP server is set up to authenticate senders, then it'll do that, likely regardless of what your program has done before. if the server isn't configured for authentication, then it won't... do you have control over this SMTP server to change its configuration?

(also, i could ask what you mean by "authenticate [a] sender". there are several different strategies a SMTP server can use for that, depending on who or what is considered "authorized" to be sending email through the SMTP server in question. what role, if any, is your program supposed to play in that larger picture?)
[ February 07, 2005: Message edited by: M Beck ]
 
John Ray Allen
Ranch Hand
Posts: 50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What I mean is that not all SMTP servers are designed to authenticate connections..you can connect to the server with all permissions reagrdless of whatever process you are conducting..How can I enhanced my JAVA PROGRAM especially if it is connecting to a SMTP server that permits all connection? For security reasons..I think you would agree to me that I should have the validation or authentication on my application for users if I would use that kind of SMTP server..In need of your opinions..Thanks!
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, don't rely on your SMTP server for authentication, since the SMTP standard does not included a reliable authentication mechanism. There is an extension "standard" called ESMTP that does specify a route to proper authentication, but JavaMail doesn't have any Transport class for this protocol. Its a better practice to properly secure your SMTP server as part of your infrastructure, and handle authentication to it in your app server. That way you at least have a single point of configuration, which helps reduce the risk of securing holes creaping in.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic