[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: smtpd-auth and rblsmtpd
- To: Werner Amon <lists@xxxxxxxxxxxx>
- Subject: Re: smtpd-auth and rblsmtpd
- From: Markus Stumpf <maex-qmail@xxxxxxxxx>
- Date: Tue, 05 Apr 2005 00:45:43 +0200
- Cc: qmail@xxxxxxxxxxxxx
- Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
- Delivered-to: de5-qmail@sws5.ornl.gov
- Delivered-to: mailing list qmail@list.cr.yp.to
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=testkey; d=space.net; b=UeMWEdB/J7qIdjh0cyIDSxJZEg6UHBVnoo++0LuanSuJjFhB+Aj5JcLaI3UH7Gsm ;
- In-reply-to: <4251B70E.50308@babeworld.at>
- Mailing-list: contact qmail-help@list.cr.yp.to; run by ezmlm
- Organization: SpaceNet AG, Muenchen, Germany
- References: <4251B70E.50308@babeworld.at>
- User-agent: Mutt/1.4.1i
On Mon, Apr 04, 2005 at 11:52:14PM +0200, Werner Amon wrote:
> I have searched google, but did not found a good solution.
> Have anyone written a patch or a wrapper that someone can use smtp-auth
> together with rblsmtpd? I mean that rblsmtpd would be executed after
> smtp-auth.
Seperate the services.
Use Port 587 (submission) for authenticated connections of your customers
and use them without rblsmtpd (which is not needed for AUTH connections).
All you have to do is
- duplicate the qmail-smtpd run scripts and change the port from 25 to 587.
- make a little change to qmail-smtpd code:
the smtp-auth patch sets "relayclient"
if the client sends a "mail from" without relayclient being set
and the local port is MSA port 587 (not SMTP port 25)
send an error.
The local port can be obtained via the env variable TCPLOCALPORT
that way only authenticated connects are allowed on port 587.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"