External SMTP auth, single IP, spamassassin

[rgmhtt]

I have been plowing through the knowledge base....

I have my external users (me included when on the road) doing SMTP auth. (the one user that was giving me grief turned out to have all SMTP out blocked except to the old mailserver!).

I have IP addresses that I can use, but I want to stay with a single IP address and implement spamassassin. I read that enabling SMTPFILTER for spamassassin results in loss of SMTP auth for external users?

I really also need to get SSL working for SMTP. There is a warning about this creating an open relay when done with a single IP address.

So I am trying to put together a basic plan of action. BTW, holidays start tomorrow so, not much complex will get done for a couple of weeks. So throw reading material at me, and I will check back with a plan of action before changing anything...

Do I move users to port 587 for SMTP? And implement SSL on that port? Where is it documented how to set up port 587 for SMTP (where is using port 587 for users documented?).

I see the tech note in the knowledge base for setting up spamassassin on a single IP address and the man pages for spamassassin. I **hope** I can set that up ok, provided I do not muck up users sending of mail....

[ScalixSupport]

I have IP addresses that I can use, but I want to stay with a single IP address and implement spamassassin. I read that enabling SMTPFILTER for spamassassin results in loss of SMTP auth for external users?

Which document has that warning ? With SMTPFILTER, there is no need to have sendmail listening on external port 25. The SMTP Relay remains listening on that port and there is no loss of authentication.

I really also need to get SSL working for SMTP. There is a warning about this creating an open relay when done with a single IP address.

Take a look at http://www.scalix.com/community/viewtopic.php?t=1483&highlight=open+relay. This is not something that we've tested within Scalix but it solves the problem for other customers.

Do I move users to port 587 for SMTP? And implement SSL on that port? Where is it documented how to set up port 587 for SMTP (where is using port 587 for users documented?).

That has to be your choice. For secure SMTP, port 465 is the standard port number. Again look at the thread that I referred to previously for configuration.

Cheers

Dave

[rgmhtt]

I have IP addresses that I can use, but I want to stay with a single IP address and implement spamassassin. I read that enabling SMTPFILTER for spamassassin results in loss of SMTP auth for external users?

Which document has that warning ? With SMTPFILTER, there is no need to have sendmail listening on external port 25. The SMTP Relay remains listening on that port and there is no loss of authentication.

Knowledge # 165119. RIght from the intro:

"It is also the situation that most businesses will require users to authenticate with the server before being able to submit messages. If sendmail were the submission server, it would not be possible to authenticate against the Scalix server."


Will look at the rest of your note in a bit..

[ScalixSupport]

If sendmail were the submission server, it would not be possible to authenticate against the Scalix server."

And this is correct, IF sendmail were the submission server. As I stated above, with SMTPFILTER, there is no need to make sendmail the submission server.

Cheers

Dave

[rgmhtt]

If sendmail were the submission server, it would not be possible to authenticate against the Scalix server."

And this is correct, IF sendmail were the submission server. As I stated above, with SMTPFILTER, there is no need to make sendmail the submission server.

AH,,,,,,

Got it. thanks.