We would like to remind customers that you must enable SMTP authentication in your Email software and devices that send Email.

Our system requires that you authenticate with your Email account's login details when sending mail in addition to receiving. This means that in your Email software you need to specify your login details for both your incoming and outgoing servers. In some software, this is a simple tick box to indicate that you want to authenticate to send mail, in others you must specify your login details for your outbound connection.

This reminder has arisen because we have recently started removing a feature from our servers that allows you to send mail without authenticating if you have successfully logged in to receive mail within the last 30 minutes. This is called "antirelayd" and is considered to be a security risk these days, so we are starting to disable this feature on our servers. If you have recently discovered that you cannot send mail, then it is because you have incorrectly configured your Email software not to authenticate when sending and we have removed antirelayd from your server.

The login details for your Email account are your full email address and the password that you created for that address. We would also like to remind customers that we are seeing a marked increase in Email accounts being compromised and used to send spam, purely because customers have chosen very weak passwords. The internet is a public network and anyone can try and login to your Email. Spammers use increasingly sophisticated techniques to flood accounts with dictionary based attacks, so if you are using a simple password that contains an actual word, we would recommend that you change your password to something much more secure.

Most of the time you only need to enter your password into your Email software when you are setting the account up, so you can choose a very complicated password  - you don't need to remember it. If you ever need to use it again you can reset it from within cpanel anyway, so the more complicated you can make your email passwords, the better.


Thursday, November 28, 2013