On Mon, 2002-01-28 at 07:06, Oliver Bausinger wrote:
>
> 1) The server should accept all mails for himself without the need of TLS and
> Authentication
> 2) The server should accept mails from some other (trusted) computers as
> general relay host without the need of authentication (can be done with
> locals file?)

I usually set this up by writing two files in /etc/courier/esmtpacceptmailfor.dir: locals and relays. List your locally delivered domains in locals, and the domains you want to accept mail for, but aren't local, in relays. Symlink /etc/courier/locals to /etc/courier/esmtpacceptmailfor.dir/locals.

> 3) People accessing the server from other (untrusted) computers should be
> able to use as relay for every kind of destination after authenticating
> themselves, and this authentication has to be secured by SSL/TLS. (By the
> way, there is no direct way to let courier listen on 465 (smtps) analogue to
> imaps/pop3s, is it?)

I've sent Sam a patch to set up smtps service, and it'll be in the next release. You can look back a few days in the list archives to find it, I think.

Setting Courier up to allow authentication only over TLS is tricky. It's not Courier's problem, though, it's the clients. To set it up in Courier, just don't list anything in the ESMTPAUTH variable, but list your auth methods in ESMTPAUTH_TLS. Courier won't advertise authentication when clients connect until they STARTTLS. However, all of the clients that I've actually tried it with don't recognize that authentication is a feature unless it's advertised at the initial connection. This will probably work if you use smtps rather than STARTTLS.
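
An added example, not part of the original message or of Courier: a check that a server configured with an empty ESMTPAUTH and mechanisms listed only in ESMTPAUTH_TLS advertises AUTH solely in the EHLO reply sent after STARTTLS. The function names and the sample EHLO replies (for the placeholder host mail.example.org) are constructed for illustration.

```python
# Added example. The EHLO replies below are constructed samples, not server captures.

def parse_ehlo(reply: str) -> dict:
    """Map each ESMTP keyword in a multi-line 250 reply to its set of parameters."""
    caps = {}
    for line in reply.strip().splitlines()[1:]:   # first line is the greeting
        if not line.startswith("250") or len(line) < 4 or line[3] not in "- ":
            raise ValueError(f"unexpected reply line: {line!r}")
        text = line[4:].strip()
        if not text:
            continue
        if text.upper().startswith("AUTH="):      # legacy form some servers also send
            text = "AUTH " + text[5:]
        keyword, _, params = text.partition(" ")
        caps.setdefault(keyword.upper(), set()).update(params.upper().split())
    return caps


def check_tls_only_auth(pre_tls: str, post_tls: str) -> list:
    """Return policy findings; an empty list means AUTH is offered only after STARTTLS."""
    before, after = parse_ehlo(pre_tls), parse_ehlo(post_tls)
    findings = []
    if before.get("AUTH"):
        findings.append("AUTH advertised before TLS: " + " ".join(sorted(before["AUTH"])))
    if "STARTTLS" not in before:
        findings.append("STARTTLS not advertised on the cleartext connection")
    if not after.get("AUTH"):
        findings.append("no AUTH mechanisms advertised after STARTTLS")
    return findings


# Constructed reply to the first EHLO: ESMTPAUTH is empty, so no AUTH line appears.
PRE_TLS = "250-mail.example.org Ok.\n250-STARTTLS\n250-PIPELINING\n250 8BITMIME\n"
# Constructed reply to the EHLO re-sent inside TLS: the ESMTPAUTH_TLS methods appear.
POST_TLS = ("250-mail.example.org Ok.\n250-AUTH LOGIN PLAIN\n"
            "250-AUTH=LOGIN PLAIN\n250-PIPELINING\n250 8BITMIME\n")
# Constructed reply from a server that still lists methods in ESMTPAUTH.
MISCONFIGURED = "250-mail.example.org Ok.\n250-AUTH LOGIN PLAIN\n250-STARTTLS\n250 8BITMIME\n"

if __name__ == "__main__":
    print(check_tls_only_auth(PRE_TLS, POST_TLS) or "ok: AUTH only after STARTTLS")
    print(check_tls_only_auth(MISCONFIGURED, POST_TLS))
```

A client has to send EHLO again after STARTTLS and read the new capability list to see the AUTH line, which is the step the clients described above skip.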
