Hi, >> I have a really old system with an early version of postfix on it, but >> I'm not sure the version really matters for my problem. I'm attempting >> to use a pop-before-smtp hash as a way of providing authentication >> prior to being able to use the server to send mail. However, it >> doesn't appear to be working. I can telnet directly to port 25 from a >> remote host and send mail to a local recipient on that server without >> having authenticated through the pop-before-smtp system first. > > This is normal operation for a general-purpose mail server. Mail to > local users can be received from anywhere (subject to spam > controls). Only authorized users can relay to a third-party > destinations. > > This is a typical setup for an internet-facing mail server.
It's somewhat of an internal server, despite being connected to the Internet. No one was ever supposed to connect to it directly, and trying to convert everyone to SMTP Auth is going to be a challenge. >> I'm working on >> upgrading the server to use SMTP Auth, and only allowing port 25 from >> trusted relays, but it's a long process. > > We'll be pleased to help. It's best if you start by describing the > overall goal rather than how to implement some particular feature. Thanks so much, as always. I'm well on my way to doing exactly what you've described with dovecot and postfix. The existing system is definitely antiquated. It's probably a pre-v1.0 postfix, actually. I'm finally getting approval for an upgrade. The relay server for this mail spool server was designed to really only receive mail for this one domain, so virtual hosts weren't used. I'm finding in order to test this new system, call it host1, I've had to create a virtual domain along with the relay_domain and use it to forward mail for a few test users in the virtual domain to the test system. It then of course complains about having the domain listed in both relay_domains and virtual_domains. Hopefully that will hold up for the next week or so during my testing. Thanks again. Perhaps I'll create a new post with my config and ask for your help to review before I go live with the new system. Thanks, Alex
