[quote user="PaulW"]

[quote user="Jean-François Berne"]Is it possible to allow weak identification for some IPs ? I can't find this in the 'Connection Control' tab of MercuryS config.[/quote]

If it is a fixed IP address on your LAN, you can put it in Connection Control and allow it to relay (if that's what you want).  No authentication applies then - assuming you don't have the bottom box ticked (Only authenticated connections may relay), and you could turn it off in the camera.

How do your other workstations on the lan send mail - by authentication or IP address allowed?

[/quote]

Answers:

• I HAD checked the box 'only authenticated SMTP connections may relay', which means that ...
  
• ... others workstations on LAN (and on WAN) sent authentification;
• camera had/has fixed IP

So I read again the help with your remarks in mind and actually solved the pb:

• uncheked  'only authenticated may relay', but with...
  
• ...strict local relaying
• just the camera's IP in allowed connections list
• kept weak auth. disabled
  

Now, all mail clients still must authenticate themselves with strong auth. - as they always did. Only the cam may relay without auth. at all, which is precisely what I needed.

Thank YOU !

JF 

In a post with the subject "Order of Pegasus Mail‘s filtering tools (for incoming messages)" <http://community.pmail.com/forums/thread/1532.aspx> Thomas Nimmesgern writes about a "Global Whitelist"

He also writes about

    5. New Mail filtering rules
      5.1 on-open New Mail filtering rules
      5.2 on-close New Mail filtering rules 

 I can't find any reference in the manual to a  Global Whitelist or New Mail or "on-open" or "on-close"

 Can anyone please point me in the right direction.

 Many thanks.

Did you maybe look in the Mercury manual instead of the Pegasus manual?

/Rolf 

Indeed :(  the reference to Pegasus was obvious but I missed it. (I do not use it)

On the other hand, surely the sequence referred to there must relate to Mercury as all the filtering is done by Mercury as far as I can see.

Quote:

In a nutshell, the order is:

1. POP3-filtering rules
2. Global Whitelist
3. Spamhalter
4. content control definitions and their lists
   4.1 the whitelist for a content control definition
   4.2 the blacklist for a content control definition
   4.3 the content control rules for a content control definition

 End Quote.

Surely SpamHalter and Content Control is controlled by Mercury so the Global Whitelist must also be there?

I am using SpamHalter and that has an Exclude list which to me looks like the equivalent of a global whilelist.  Is this maybe what is being referred to?

Pegasus can be run integrated with Mercury or separately. Unless it says that a routine is based on Mercury the Pegasus manual describes how it works in Pegasus. Pegasus has a wide range of functionality that includes filtering, content control etc. SpamHalter can be run either with Mercury or in the client (or both).

/Rolf 

This may be a little out of date but it should give you a general overview of Mercury processing.

http://www.vandenbogaerde.net/pegasusmail/m_proorder.html

Thanks - understood.

[quote user="dilberts_left_nut"]

This may be a little out of date but it should give you a general overview of Mercury processing.

http://www.vandenbogaerde.net/pegasusmail/m_proorder.html

[/quote]

Old yet interesting: all these steps take place after MercuryS has placed the message in the queue.

I have a problem at MercuryS level:

• MercuryS is SSL enabled, 'weak' identificators are disabled: this is for my off-LAN users.
  
• I have an agent on the LAN which can only weak identification (an IP-camera)
• Problem is: camera can't use MercuryS to send its journal, must use off-LAN SMTP server -> security issue
  

 Is it possible to allow weak identification for some IPs ? I can't find this in the 'Connection Control' tab of MercuryS config.

A sort of whitelist before the whitelist...

 Thanks,

JF

Mercury/32 version = 4.72

[quote user="Jean-François Berne"]Is it possible to allow weak identification for some IPs ? I can't find this in the 'Connection Control' tab of MercuryS config.[/quote]

If it is a fixed IP address on your LAN, you can put it in Connection Control and allow it to relay (if that's what you want).  No authentication applies then - assuming you don't have the bottom box ticked (Only authenticated connections may relay), and you could turn it off in the camera.

How do your other workstations on the lan send mail - by authentication or IP address allowed?