News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – need a way for a device to email?

    Posted on Susan Bradley Comment on the AskWoody Lounge

    Home Forums AskWoody blog Patch Lady – need a way for a device to email?

    Viewing 8 reply threads
    • Author
      • #2039443 Reply
        Susan Bradley
        AskWoody MVP

        With the demise of the Small Business Server platform, one of the changes I’ve made to my network is not using the same mail server that I use for the
        [See the full post at: Patch Lady – need a way for a device to email?]

        Susan Bradley Patch Lady

        3 users thanked author for this post.
      • #2039447 Reply
        AskWoody Lounger

        I just install the SMTP server role on any suitable server and configure it to only accept connections from the IP addresses of the printers on the network.  It then has Office 365 configured as the smart host.  Simple, reasonably secure, and free.

        • #2039463 Reply
          Susan Bradley
          AskWoody MVP

          Don’t you still have to have basic auth enabled for the smart host function?

          Susan Bradley Patch Lady

          • #2039470 Reply

            I don’t think so, because there isn’t any authentication. You just create a receive connector for your on-site server and anything with the correct domain name gets routed.

            • #2039553 Reply
              AskWoody Lounger

              What do you use as the smart host? Is it the MX record? e.g.

      • #2039453 Reply
        Da Boss

        Susan, I wonder if offer different plans to different geographic locations. The cheapest paid plan I’m being shown is the Gold plan, @ $14/month for 20,000 emails.

        Even a web-search for their Silver plan didn’t yield results… odd!

        • #2039467 Reply
          Susan Bradley
          AskWoody MVP

          I’ve sent them an email.  I just set it up last month and for sure it was there then.

          Susan Bradley Patch Lady

      • #2039454 Reply

        Do, in this order:

        1. Standardize printer settings and secure printers onto their own network.
        2. Revamp GPOs, cleaning up garbage and adding security as recommended in STIGs.
        3. Revisit OU structure to better allow for GPOs to function.
        4. run this ldap query either with get-aduser -ldapfilter or in the ADUC saved queries
          1. Users set with flags other than NORMAL_ACCOUNT, ACCOUNTDISABLE, or DONT_EXPIRE_PASSWORD
          2. (&(objectClass=user)(objectCategory=person)(userAccountControl:1.2.840.113556.1.4.804:=33438201))
          3. 99% of the time anything returned on this query is almost always a security concern and needs to be analyzed
        5. Audit remaining groups and service accounts for use.
        6. Start locking down and auditing network communication with an always-on vpn.
      • #2039556 Reply
        AskWoody Lounger

        Well, most ISPs around here still have an outgoing mail route for their subscribers’ use. So, relaying through that with the appropriate SPF etc. entries should work.

        I prefer to use a dedicated sender address for these that’s either a shared mailbox or an alias for some such, definitely not a primary address of any user account, so returns (bounces and whatever) get caught but that address cannot log in anywhere.

        Well, either that or put up a proper connector setup. Preferably through a local secured feeder server, really not impressed by the sending engines on various multifunction office devices…

      • #2039619 Reply
        AskWoody Lounger

        Pegasus Mail and the Mercury Mail Transport System.

        I have used Pegasus as an e-mail client for decades. I have no experience with the Mercury mail server but might be worth a look. Coded as an indipendent by the amazing David Harris.

        W7 x64 Pro&Home

      • #2039714 Reply

        If using GSuite, you can use their SMTP gateway and whitelist certain IP addresses to accept the forwards from. Works fairly well at a few of my clients.

      • #2040256 Reply
        Paul T
        AskWoody MVP

        I just install the SMTP server role on any suitable server and configure it to only accept connections from the IP addresses of the printers on the network

        On in-house systems I used the SMTP connector with auth free for the local domain only. Then it’s not a relay.

        cheers, Paul

      • #2042459 Reply

        As we administer Mailchimp for several of our customers in the UK, we’ve used Mandrill for all of our supported devices for several years.  We have it configured on all printer/copier/scanner devices for scan-to-email functionality and also within StorageCraft products we have deployed across on-premises servers to send us nightly reports for backups.

        We use a different SMTP API (password) for each client and overall Mandrill has been rock solid for us for several years now.

    Viewing 8 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – need a way for a device to email?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.