----- Original Message -----
From: Wolfgang Walter <[EMAIL PROTECTED]>
To: Thilo Bangert <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, June 26, 2000 4:42 PM
Subject: Re: selective relaying: two smtpd�s?
> On Fri, Jun 23, 2000 at 04:47:44PM +0200, Thilo Bangert wrote:
> > Hi all,
> >
<snip>
> >
> > i absolutely need to allow my pop3 users relaying, for which i want to
use
> > relay-ctrl (is there a better solution out there). but that would mean
the
> > smtp-port would be blocked for any connections, except those made
available
> > by relay-ctrl, so no mailserver could deliver email for my users.
> > I figured, a way to get around this would be to have to qmail-smtpd�s
> > running: one allowing selective relay by using rcpthosts (incoming
smtp),
> > and another being made available by relay-ctrl (outgoing smtp).
> >
<snip>
> How do you start qmail-smtpd? If you use inetd this is a little bit
difficult.
>
> One way to do that is: assign 2 ip-adresses to you mailserver. Use one
> address to receive mail from outside with qmail, the other one for
relaying.
>
> You can even use qmail for both tasks.
>
> We for example use xinetd to start qmail-smtp:
>
> 10.20.30.10 is for relaying your clients
> 10.20.31.11 is for receiving
>
> Be 10.20.30.0/19 your network (where your clients are):
>
> -----------------
> service smtp
> {
> id = mailout-smtpd
> socket_type = stream
> protocol = tcp
> interface = 10.20.30.10
> wait = no
> user = qmaild
> server = /var/qmail/bin/tcp-env
> server_args = /var/qmail/bin/qmail-smtpd
> only_from = 10.20.30.0/19
> env = RELAYCLIENT=
> }
>
> service smtp
> {
> id = mailin-smtpd
> socket_type = stream
> protocol = tcp
> interface = 10.20.30.11
> wait = no
> user = qmaild
> server = /var/qmail/bin/tcp-env
> server_args = /var/qmail/bin/qmail-smtpd
> no_access = 10.20.30.0/19
> }
> ------------------
>
> Use rcpthosts to restrict qmail-smtpd to only receive for your domains
> Setting the environment variable RELAYCLIENT when your clients access
> qmail via 10.20.30.10 switch rcpthosts for them off. With only_from you
> control that only hosts in your network can access qmail with RELAYCLIENT
> set.
>
> Of course, you can start relay-ctrl instead of qmail-send.
>
> And xinetd is not the only superdaemon you could use (I think there is one
> >from Bernstein, too) but it is part of a lot of distributions.
>
>
> Greetings
>
> Wolfgang
>
You are right - but in your case you need to know the ip�s from your
clients. My clients could come from all over the world and I have no other
way than checking their poppassword to know that they are legitimite.
the superdaemon you are referring to is tcpserver and is part of the
deamontools-0.53 and it can in fact do the same as you setting does -
unfortuneatly this is not what I want. Thank you anyways. I think you got me
on the right path - thanks
thilo
