Limit the mechanisms advertised for inbound SMTP authentication


This article applies to:

  • Trustwave MailMarshal (SEG)

Question:

  • Can I limit the mechanisms advertised for inbound SMTP authentication?

Information:

By default the Receiver advertises and accepts CRAM-MD5, PLAIN and LOGIN

By default the connection is closed after ten failed attempts. 

You can limit the types advertised and accepted with an Advanced Setting or Registry entry.

  • In MailMarshal 10.0 and above, open the Management Console and navigate to Advanced Settings. Add a new value:
    • Name: Receiver.AuthMechanisms
    • Type: String
    • Value: one or more mechanism names separated by semicolons.
      For example: CRAM-MD5;LOGIN
  • In MailMarshal 8.X and below, open the Registry Editor on the Array Manager. Within the base registry key, navigate to \Default\Receiver
    • In version 8.X: HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Default\Receiver
    • For information about the registry location for each version, see article Q10832.
    • Enter the value as a new REG_SZ (string) value named AuthMechanisms with one or more mechanism names separated by semicolons.
      For example: CRAM-MD5;LOGIN
  • Save your registry settings or configuration settings.
  • Commit the configuration changes and restart the MailMarshal Receive service on each node.
Warning: As always, take due care when editing the Registry. Make a backup before making changes.

Last Modified 4/1/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle14322.aspx