Closed Mail Relay should support Password authentication.

kjain2 · ‎Jun 10, 2020

If we use closed mail relay then it should support SMTP authentication in Integrity, Best practice is to provide some configuration properties :-

1) Authentication is enable or not - True or False

2) One property could distinguish between TLS or SSL enablement.

3) One property to define Password of Email ID used in property mksis.im.notifierAddress.

4) One property to define Password of Email ID used in property mksis.logging.email.from

PS: If organization is permanently moving on Closed Mail Relay and no open relay is allowed then it's a little bit difficult. Only workaround as of now is to get a virtual server from Mail Relay Team.

For the trigger mail notification i still have one custom way to send notification using Closed Mail Relay but for system defined notification (mksis.logging.email.from) there is no way with Closed Mail Relay.

Feel free to share your views, ideas on this and how you are handling this situation in your side.

yashul · ‎Jun 12, 2020

This is indeed a generic requirement across multiple customers and is essential to IT policies of most of the PTC Customers.

AmartyaMallick · ‎Jul 29, 2021

For a forthcoming release, we have been researching the closed email relay via the Simple Mail Transfer Protocol (SMTP). This would entail, using a username and password to authenticate the user on the SMTP server using the BasicAuth Authentication scheme together with enabling SSL/TLS encryption

However while doing so, we found that Microsoft has recommended all its customers using Exchange Online to stop supporting the BasicAuth Authentication scheme. They are recommending that customers move to the Modern Authentication scheme which is basically a combination of AuthZ and AuthN i.e. user authentication and user authorization respectively. These terms are commonly used when using Identity and Access Management. User Authentication relates to validating the identity of the user while user authorization is what the user is authorized to do once logged in. Please see the below article where Microsoft has made the recommendation for disabling BasicAuth.

https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authentication-in-exchange-online

Therefore the question is

Whether your IT will be able to use the closed email relay via SMTP with the BasicAuth Authentication scheme at your organization?
What is the email provider used at your organization?

mmittermeier · ‎Jul 29, 2021

Hi Mallick,

first of all thank you, to take care for this request, because our Security Board force us to use only application with close mail relay in2022

According your question:

The deactivation of Basic Auth only takes place in the Microsoft cloud.

The relay that is used in this case is operated OnPrem and is therefore not affected by the shutdown.

But never the less I would appreciate if PTC has also a easy way for strong authentication with saml2.0 or ODIC to the MS-Azure.

KartikOak · ‎Aug 30, 2021

KartikOak · ‎Aug 30, 2021

KartikOak · ‎Jan 03, 2022

Hello,

Closed Mail Relay has been introduced in Windchill RV&S 13.0

Please refer this link on the details around the functionality.

Thanks

Kartik

mmittermeier · ‎Jan 03, 2022

Hello Kartik,

happy new year, and thank you very much. It is gerate to introduce Close Mail Relay in 13.0, our security departmen will appreciate this.

Thanks

Manfred

kjain2 · ‎Jan 14, 2022

Hello @KartikOak ,

Thanks a lot for introducing this, i am pretty sure this will fulfil the need for many customers.

Vielen Dank / Many Thanks,
Kapil Jain