[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qmail
Subject:    Re: A qmail-smtpd that only accepts auth'd messages?
From:       Erwin Hoffmann <feh () fehcom ! de>
Date:       2005-08-23 18:36:34
Message-ID: 3.0.6.32.20050823203634.012e7c58 () orion ! fehnet ! de
[Download RAW message or body]

Hi,


At 10:22 30.06.2005 -0400, David Hubbard wrote:
>I'm running the common auth patch and am wondering
>if there is an easy, or even difficult, change I can
>make that would make qmail-smtpd only accept messages
>where authentication occurred, i.e. don't accept a
>message just because the domain is in rcpthosts,
>actually require they authenticate even if the domain
>is handled locally.

Two steps:

1. Empty out control/rcpthosts (et al.) but keep the empty file.
2. Remove RELAYCLIENT="" from the tcpserver cdb.

Remark:

In doing so, you restrict that qmail system *only* to those userids being
in the local authentication database. If this authentication fails/is
missing the connection will be closed due to insufficient credentials.

Remark 2: 

Typically, you will refrain from (2.), thus allowing unrestricted usage for
your system for local accounts - in particular for Pop-before-Smtp.

Using my SPAMCONTROL patch (which includes 'the common auth' patch), you
may decouple Authentication from Relaying by means of the environment
variable "REQUIREAUTH".

regards.
--eh.

Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24
[prev in list] [next in list] [prev in thread] [next in thread]