> -----Original Message----- > From: Bowie Bailey > Sent: Monday, February 02, 2004 9:49 AM
[ Snip ] > At the moment, my Courier server does not allow smtp > connections from the Internet. What I want to do is allow my > users to send mail through my server via authenticated smtp. > But I don't want any chance of other mail bypassing the > filtering server. > > There's not going to be an MX record for the Courier server, > but if it accepts smtp connections from the Internet, then I > have to assume that the spammers will eventually find it. I > know that a non-authenticated connection will not relay, but > I don't want spam sent to my users either. So I'm trying to > configure it so that it only accepts what is absolutely necessary. I understand that you've got the answer you were searching for, but consider (instead? As well?) using the MSA protocol for your users. This uses port 587 instead of port 25, and is the "proper" (per RFCs) solution for the underlying issue. You then can simply block port 25 for all but the trusted host (using iptables or equivalent), which has the virtue of making your mail server protected from cracking or DoS attacks... Granted, this involves educating your users, which is sometimes considered an impossibility... But teaching them to add the "this host requires authentication when sending" option to their clients is required anyway, so why not add the "use port 587" option, too? (MSA is 'just' ESMTP with mandatory authentication). [ This may be irrelevant to you, but MSA deserves to be better known, since it is A Good Thing! ] > Bowie Malc. ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
