Another example of needing to relay via Authenticated user... If I use an IMAP client like Thunderbird, I can't send email out using my mail server...
Does Scalix assume that the mail server sits inside a corporate environment, instead of sitting out there on the internet?
A question about smtp authentication?
Moderators: ScalixSupport, admin
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
Ooops, I think there is more confusion in this thread than necessary; hope I don't make a typo right now as I won't test it right now, but the full logic to do what all of you want is:
Believe the first line is actually implicit, but I've added it for clarity.
- if someone SMTP authenticates successfully, he'll be able to relay
- if the MAIL FROM: SMTP envelope does not match any of the authenticated users Internet addresses, the attempt to relay is prohibited
- SMTP connections coming from the SWA server (could be the same machine as the scalix server) are allowed to relay without authentication. This is necessary to make SWA work.
- all other attempts to relay are rejected.
I'm using Apple Mail against a scalix server run by us from external with SMTP authentication setup allright and I'm able to send to anyone from a non-trusted network. Still, noone is (hopefully.... .-) ) able to open-relay through our systems.
Cheers,
Florian.
Code: Select all
AUTH_SUCCESS Accept ALL
AUTH_MISMATCH Log_Reject ALL
RELAY Accept swaserver.company.com
RELAY Log_Reject ALL
Believe the first line is actually implicit, but I've added it for clarity.
- if someone SMTP authenticates successfully, he'll be able to relay
- if the MAIL FROM: SMTP envelope does not match any of the authenticated users Internet addresses, the attempt to relay is prohibited
- SMTP connections coming from the SWA server (could be the same machine as the scalix server) are allowed to relay without authentication. This is necessary to make SWA work.
- all other attempts to relay are rejected.
I'm using Apple Mail against a scalix server run by us from external with SMTP authentication setup allright and I'm able to send to anyone from a non-trusted network. Still, noone is (hopefully.... .-) ) able to open-relay through our systems.
Cheers,
Florian.
Florian von Kurnatowski, Die Harder!
)?
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
-
MK
I had the problem that my scalix-server was relaying spam-mails. After reading the messages in this forum I tried to modify smtp.cfg but the problem remained unchanged.
Now I recognized the source of the problem and this might be of interest to others too.
A user had put fetchmail into his crontab to forward his mails from an external mail server to his scalix account. fetchmail was running inside the trusted network causing spam mails to be accepted for relay.
Do you agree with my analysis?
regards
Michael
Now I recognized the source of the problem and this might be of interest to others too.
A user had put fetchmail into his crontab to forward his mails from an external mail server to his scalix account. fetchmail was running inside the trusted network causing spam mails to be accepted for relay.
Do you agree with my analysis?
regards
Michael
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
Who is online
Users browsing this forum: No registered users and 6 guests