github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #5130] frp tunneling for synology mail plus server by passes authentication #4013

New issue
Closed
opened 2026-05-05 14:32:59 -06:00 by gitea-mirror · 2 comments
gitea-mirror commented 2026-05-05 14:32:59 -06:00
Owner
Copy link

Originally created by @last-Programmer on GitHub (Jan 16, 2026).
Original GitHub issue: https://github.com/fatedier/frp/issues/5130

Bug Description

When we are tunneling smtp ports 25, 465, 587 to synology mail plus server we can send semtp messages without authentication and the mail is relayed

Here is the problem report

https://community.synology.com/enu/forum/1/post/195544

Is there anyway we can overcome this?

frpc Version

0.66.0

frps Version

0.66.0

System Architecture

linux/amd64

Configurations

proxied 25, 465 and 587 ports

Logs

No response

Steps to reproduce

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @last-Programmer on GitHub (Jan 16, 2026). Original GitHub issue: https://github.com/fatedier/frp/issues/5130 ### Bug Description When we are tunneling smtp ports 25, 465, 587 to synology mail plus server we can send semtp messages without authentication and the mail is relayed Here is the problem report https://community.synology.com/enu/forum/1/post/195544 Is there anyway we can overcome this? ### frpc Version 0.66.0 ### frps Version 0.66.0 ### System Architecture linux/amd64 ### Configurations proxied 25, 465 and 587 ports ### Logs _No response_ ### Steps to reproduce ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror commented 2026-05-05 14:33:02 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Jan 20, 2026):

frp is a transparent TCP proxy and does not implement or bypass SMTP authentication itself. If unauthenticated relaying becomes possible only when exposing SMTP ports via frp, it usually indicates the backend SMTP service treats the proxied connection as “trusted/internal” (e.g., based on source IP/network) and allows relay without AUTH. Please review Synology Mail Plus relay/auth policies (disable open relay, require SMTP AUTH for submission, restrict relay to authenticated users) and add network controls on the frps side (firewall / IP allowlist / avoid exposing port 25 publicly).

<!-- gh-comment-id:3770751290 --> @fatedier commented on GitHub (Jan 20, 2026): frp is a transparent TCP proxy and does not implement or bypass SMTP authentication itself. If unauthenticated relaying becomes possible only when exposing SMTP ports via frp, it usually indicates the backend SMTP service treats the proxied connection as “trusted/internal” (e.g., based on source IP/network) and allows relay without AUTH. Please review Synology Mail Plus relay/auth policies (disable open relay, require SMTP AUTH for submission, restrict relay to authenticated users) and add network controls on the frps side (firewall / IP allowlist / avoid exposing port 25 publicly).
gitea-mirror commented 2026-05-05 14:33:03 -06:00
Author
Owner
Copy link

@last-Programmer commented on GitHub (Jan 20, 2026):

Thank you for the reply. It seems to be that it is an issue with synology mail plus server. since frpc is connecting to smtp server from localhost it is being treated as trusted and sends the mail. I tried sending real ip with transport.proxyProtocolVersion = "v2" and synology mail plus server does not like it. it is failing to send the mails. I have contacted synology support in regard to this.

<!-- gh-comment-id:3772021971 --> @last-Programmer commented on GitHub (Jan 20, 2026): Thank you for the reply. It seems to be that it is an issue with synology mail plus server. since frpc is connecting to smtp server from localhost it is being treated as trusted and sends the mail. I tried sending real ip with transport.proxyProtocolVersion = "v2" and synology mail plus server does not like it. it is failing to send the mails. I have contacted synology support in regard to this.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#4013
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?