Limit the mechanisms advertised for inbound SMTP authentication


This article applies to:

  • Trustwave MailMarshal (SEG) 6.7 and above

Question:

  • Can I limit the mechanisms advertised for inbound SMTP authentication?

Information:

By default the Receiver advertises and accepts CRAM-MD5, PLAIN and LOGIN

By default the connection is closed after ten failed attempts. 

You can limit the types advertised and accepted by making a Registry entry.

  1. On the Array Manager, edit the Registry (10.X: use Advanced Settings in the Management Console)
  2. Navigate to the SEG Receiver key:
    • In version 8.X: HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Default\Receiver
    • 10.X: value names have the prefix Receiver. (Receiver dot).
    • For full details of the location for each product version, see article Q10832.
  3. Add a STRING (REG_SZ) value
    • Value name: AuthMechanisms 
    • Value data: one or more mechanism names separated by semicolons.
      For example: CRAM-MD5;LOGIN
  4. Commit configuration changes.
  5. You may need to restart the Receiver service on nodes.

Warning: As always, take due care when editing the Registry. Make a backup before making changes.

Last Modified 4/1/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle14322.aspx