Thanks eric, will change mine and report back.

Dave M

On 12/8/2014 6:57 PM, Eric Shubert wrote:
I'm not sure what AUTH=0 does. I'm also unsure about ALLOW_INSECURE_AUTH=0. I wasn't aware that this option even existed, and am pretty sure that's the defualt value if it does. I'd ditch these, but keep REQUIRE_AUTH=0. Your tcp.submission file should be:

127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",NOP0FCHECK="1" 1.2.3.4:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue",NOP0FCHECK="1",REQUIRE_AUTH=0 :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue",NOP0FCHECK="1",REQUIRE_AUTH=1

(be careful of line wrap - there are 3 lines here)

The 127.: line is for squirrelmail. As long as it's using port 25, you don't need it here. You might want to change your SM config to authenticate though (see wiki), in which case you don't need the 127.: line in either tcp.* file.

Do *not* use the relayclient parameter, as that would allow someone to use your barracuda as a relay (open relay), unless barracuda is checking for local domains somehow and rejecting non-local email (which I doubt).


For the qmailctl script, after )cdb you should have:
  cdb)
tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp
    chmod 644 /etc/tcprules.d/tcp.smtp*
    echo "Reloaded /etc/tcprules.d/tcp.smtp"
#   build cdb for submission
tcprules /etc/tcprules.d/tcp.submission.cdb /etc/tcprules.d/tcp.submission.tmp < /etc/tcprules.d/tcp.submission
    chmod 644 /etc/tcprules.d/tcp.submission*
    echo "Reloaded /etc/tcprules.d/tcp.submission"

Don't forget to change the submission/run file by removing the REQUIRE_AUTH=1 parameter, and change the tcp.X.cdb file name.

That should do it! (I think)



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to