[lug] smtp authentication with sendmail

Kevin Fenzi kevin at scrye.com
Fri Apr 12 19:38:48 MDT 2002 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Charles" == Charles Menzes <charles at lunarmedia.net> writes:

Charles> I'll take this email to respond to yours, and the previous
Charles> reply to my original post.

Charles> I'm completely in bed with sendmail, so moving to qmail or
Charles> postfix is out of the question less a complete overhaul of a
Charles> fairly complex environment. In short, its just not worth it
Charles> as long as I watch my back and lock down the hatches as best
Charles> I can.

Charles> Asking for users to using certificates for authentication or
Charles> port forwarding, its also pretty out of the question. My user
Charles> base is 100% Windows based, non-technical folk who just want
Charles> to send and receive their mail. Unfortunately, they're
Charles> roaming and have no desire to change their smtp server based
Charles> upon the LAN/DUN they attach to for the week.

Charles> I need a way to allow for user to pop/send from my servers no
Charles> matter where they are on the internet, and try my best to
Charles> prevent the servers I'm using to become the hideout of scum
Charles> and villany known as spammers.

Charles> And thus, I find myself wrestling with SASL.

Another common solution to this problem is to use 'pop auth before
relay'. qmail has a 'relay-ctrl' package that does this. I am sure
there is a solution for sendmail. Basically uses check email and once
they authenticate with the pop/imap/etc server it adds them to a list
of allowed relays for a short time (an hour). This allows them to send
out, but it's very unlikely that spammers will get the same ip and be
able to use it in that amount of time. Even if they knew they could
use your relay. 

Just another possibility. 

Charles> Charles

kevin
- -- 
Kevin Fenzi
MTS, tummy.com, ltd.
http://www.tummy.com/  KRUD - Kevin's Red Hat Uber Distribution
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard <http://www.gnupg.org/>

iD8DBQE8t4wpcVy2YPT92+ARAhSrAJ43KgltYH/BwE1IqNmyhWmLc1xLGACfVrJV
vBX40ISHJYhVg1k7IDlr8eo=
=1rTc
-----END PGP SIGNATURE-----

More information about the LUG mailing list