Re: [vchkpw] Force Auth from all but localhost
On 2006-04-14, at 0338, Sascha Ebach wrote: how can I enforce that everybody (except localhost) has to authenticate via smtp auth. my combined patch, version 6 or newer, includes this functionality. http://qmail.jms1.net/patches/combined.shtml you can export a REQUIRE_AUTH=1 environment variable in the /service/ ___/run script to enable this for all IP addresses, and then add ,REQUIRE_AUTH=0 to the end of the appropriate line(s) in the tcpserver access control file (which is usually /etc/tcp/smtp or /etc/ tcp.smtp.) be sure to read the entire page- there are a LOT of patches rolled into the combined patch. you may find other features that you would like to use, or you may find features that you don't need. for the most part, i tried to add the patches in such a way that if you don't activate them (by creating a certain file or a certain environment variable) qmail will act as closely as possible to the way djb's original qmail programs act. and if you have any questions about it, feel free to ask- either use this list, or use the qmailrocks.org mailing list (but not the qmailrocks.org install directions... there are easier ways to beat your head against the wall.) -- | John M. Simpson - KG4ZOW - Programmer At Large | | http://www.jms1.net/ [EMAIL PROTECTED] | -- | Mac OS X proves that it's easier to make UNIX | | pretty than it is to make Windows secure. | -- PGP.sig Description: This is a digitally signed message part
Re: [vchkpw] Force Auth from all but localhost
On 2006-04-15, at 1003, Remo Mattei wrote: John Simpson wrote: On 2006-04-14, at 0338, Sascha Ebach wrote: how can I enforce that everybody (except localhost) has to authenticate via smtp auth. my combined patch, version 6 or newer, includes this functionality. http://qmail.jms1.net/patches/combined.shtml I wonder if you have a similar patch like chkuser in your combined patch. i wonder why you haven't read the web page to see if it's in there or not. -- | John M. Simpson - KG4ZOW - Programmer At Large | | http://www.jms1.net/ [EMAIL PROTECTED] | -- | Mac OS X proves that it's easier to make UNIX | | pretty than it is to make Windows secure. | -- PGP.sig Description: This is a digitally signed message part
[vchkpw] Force Auth from all but localhost
Hi, how can I enforce that everybody (except localhost) has to authenticate via smtp auth. The way I have it configured now is that all that are not in rcpthosts have to authenticate, but all that are in rcpthosts can be send email without auth. How can I change that? Thank you. -- Sascha Ebach Digitale Wertschöpfung Hugo-Junkers-Str. 26 50739 Köln Tel: 0221 / 5994393Fax: 0221 / 5994394 mailto:[EMAIL PROTECTED] Web: http://www.digitale-wertschoepfung.de
Re: [vchkpw] Force Auth from all but localhost
Sascha Ebach wrote: Hi, how can I enforce that everybody (except localhost) has to authenticate via smtp auth. The way I have it configured now is that all that are not in rcpthosts have to authenticate, but all that are in rcpthosts can be send email without auth. How can I change that? Hi, You can't, other wise how would external mail servers send mail to you ? Regards, Rick
Re: [vchkpw] Force Auth from all but localhost
You'd want something like http://www.netable.com/~dburkes/qmail-smtpd-requireauth/dist/qmail-smtpd-requireauth-0.30.tar.gz to do it. Note that this patch is against old/different versions of the auth patch, so you'll have to just use it as a guide and do it by hand. In specific, and if I recall correctly, authd is renamed and you have to move a define for requireauth up a bit higher in the file. If you need a hand with that let me know. Then add REQUIREAUTH="" to your tcp.smtp file.You _DO NOT_ want to have this on port 25 for the default connection if you're receiving mail from others. It is useful for port 587 or some other submission port where you don't want non-authenticated mail to come through, so that you don't have to worry about Spam on these ports, and always know you have a user [useful for domainkeys for example to make sure that the auth user is always set].localhost:allowmy.class.c.:allow:allow,REQUIREAUTH=""-MSascha Ebach [EMAIL PROTECTED] wrote: Hi,how can I enforce that everybody (except localhost) has to authenticate via smtp auth. The way I have it configured now is that all that are not in rcpthosts have to authenticate, but all that are in rcpthosts can be send email without auth. How can I change that?Thank you.--Sascha Ebach Digitale Wertsch�pfungHugo-Junkers-Str. 26 50739 K�lnTel: 0221 / 5994393Fax: 0221 / 5994394mailto:[EMAIL PROTECTED]Web: http://www.digitale-wertschoepfung.de
