Nick, 62.95.12.146 was my testing client, behind a firewall.
-----Ursprungligt meddelande----- Från: Nick Hemmesch [mailto:[EMAIL PROTECTED] Skickat: den 17 maj 2006 18:39 Till: qmailtoaster-list@qmailtoaster.com Ämne: Re: SV: [qmailtoaster] Roaming users and /etc/tcprules.d/tcp.smtp.cdb Hi Mattias, I was just looking at your tcp.smtp entry. Check to be sure you are not allowing everyone to relay through you on 62.95.12.146 There are a lot of open relay testers listed on google. Regards, Nick > Hi Mattias, > > There is no longer a switch for roaming users, a security issue. A couple > years ago we went entirely with SMTP-AUTH to resolve this issue. > > As you found, to enable roaming users, one must change the config portion > of the spec file and rebuild it. > > Regards, > > Nick > > >> Jake, >> >> Why the hostility? >> >> I use qmailtoaster because it's a good package, and looking at the >> documentation, the toaster supports roaming users with the roaming >> switch. >> >> Or is that documentation obsolete? >> >> And the 2nd part is that I want pop-before-smtp to add specific rules. >> Just >> like you thought I meant. As I wrote before, it adds.. >> >> 62.95.12.146+RELAYCLIENT=+RBLSMTPD >> Instead of, >> >> 62.95.12.146:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",C >> HKUSER_WRONG,RCPTLIMIT="10",DKVERIFY="DEGIJKfh",QMAILQUEUE="/var/qmail/bin/s >> imscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig" >> >> But, looking at the tcp.smtp file again, it kind of looks like there is >> a >> rule in tcp.smtp that applies to all users that is "allowed" in >> tcp.smtp? >> >> // Mattias >> >> -----Ursprungligt meddelande----- >> Från: Jake Vickers [mailto:[EMAIL PROTECTED] >> Skickat: den 17 maj 2006 15:37 >> Till: qmailtoaster-list@qmailtoaster.com >> Ämne: Re: [qmailtoaster] Roaming users and /etc/tcprules.d/tcp.smtp.cdb >> >> Mattias Segerdahl wrote: >>> First off, sorry about the re-post to the list. But no one seems to >>> reply >> to >>> my former email. So I'll give it a try with a better topic. >>> >>> I've enabled roaming users with vpopmail due to the fact that it's >>> impossible to get 20,000 users to suddenly switch to smtp auth. Further >>> more, I think it's the wrong approach since most users are used to >>> setting >>> up email accounts without SMTP auth. >>> >>> Now, to the problem, after enabling roaming users, the >>> /etc/tcprules.d/tcp.smtp.cdb file is rebuild as it should, but which >>> file >>> would I edit in order to input the correct rules for the ip? >>> >>> At the moment my /etc/tcprules.d/tcp.smtp looks like this: >>> >>> 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private" >>> >> :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG >>> RCPTLIMIT="10",DKVERIFY="DEGIJKfh",QM >>> >> AILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig" >>> >>> Which is the default file after installing qmailtoaster, but, when >>> connecting to pop3, I get the following row.. >>> >>> 62.95.12.146+RELAYCLIENT=+RBLSMTPD> >>> I'd like to add a couple of "rules" to each row, how would this be >>> done? >>> >> Everyone is entitled to an opinion. You have yours, and smtp-auth is the >> way the package is set up. You can always go somewhere else and follow >> their guide to compile it from source to turn it back on. >> The next part of the problem is that I don't understand what you're >> asking. What are you trying to add? If you want to add specific smtp >> handling information for specific IPs, then you would add it to the >> tcp.smtp file and rebuild the cdb to make it active. >> >> --------------------------------------------------------------------- >> QmailToaster hosted by: VR Hosted <http://www.vr.org> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > > --------------------------------------------------------------------- > QmailToaster hosted by: VR Hosted <http://www.vr.org> > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
