We are running standard Plesk qmail and also have SMTP auth enabled.
Am 20.05.2010 um 19:40 schrieb Eric Shubert <[email protected]>: > I believe Sebastian's right. Greylisting won't come into play if the > sender is authenticating successfully. Your problem is that > authentication isn't happening, for whatever reason. > > In order to track down the problem, we need to know a bit more about > your configuration. Are you using any particular 'flavor' of qmail? > > In your client configuration, there should be a "server requires > authentication" or "use username and password" setting of some sort > (varies by client program). Be sure that's checked. > > -- > -Eric 'shubes' > > Sebastian Grewe wrote: >> Hey, >> >> I think there is an issue somewhere else. We are using SMTP Auth on >> Qmail Level and it works fine with Greylisting. Users are not being >> rejected when sending mail through the servers after SMTP >> authentication. >> >> I have no experience with Spamdyke doing the authentication. But make >> sure the users are actually doing the authentication process. >> >> Cheers, >> Sebastian >> >> On Thu, 2010-05-20 at 19:03 +0200, Boris Hinzer wrote: >>> Am 20.05.2010 um 18:15 schrieb Eric Shubert <[email protected]>: >>> >>>> Boris Hinzer wrote: >>>>> Hello, >>>>> >>>>> can anybody verify this behavior? >>>>> We are facing the situation, that if we whiteliste local >>>>> emailadresse the smtp auth is completely skipped. >>>>> Server is then acting like an open relay for these mailaddresses. >>>>> >>>>> In spamdyke.conf we have the following: >>>>> smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true / >>>>> var/ >>>>> qmail/bin/cmd5checkpw /bin/true >>>>> smtp-auth-level=ondemand-encrypted >>>>> >>>>> Best regards, >>>>> >>>>> Boris >>>> I can't verify, but this is the behavior I would expect. If >>>> something is >>>> whitelisted, all filters are bypassed. Likewise if a session is >>>> authenticated. Whitelisting can be dangerous, especially >>>> whitelisting >>>> your own domain(s). Whitelisting is intended more for getting >>>> around >>>> trusted mail servers that are misconfigured (rDNS issues >>>> typically). >>>> >>>> If your local users all authenticate (which they should), you can >>>> *blacklist* your local domains, which effectively blocks spam which >>>> spoofs/forges your domains. This is counter intuitive, but since >>>> your >>>> users authenticate, they will not be affected by the blacklist. >>>> >>>> What circumstance lead you to whitelist your local domain in the >>>> first >>>> place? Difficulty authenticating? >>>> >>>> -- >>>> -Eric 'shubes' >>>> >>>> _______________________________________________ >>>> spamdyke-users mailing list >>>> [email protected] >>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>> Actually if we don't whitelist our local users they also run into >>> greylisting process. This leads to very annoying messages in >>> Outlook, >>> which our users don't understand. >>> >>> At the moment we removed senders from whitelist and started an ip >>> based whitelist, which is IMHO second best solution (thinking of >>> cell >>> phones, ipad, etc.). >>> >>> We are also facing the fact that mails where senders are faked and >>> equal to receivers are getting through. >>> >>> Best regards, >>> >>> Boris >>> _______________________________________________ >>> spamdyke-users mailing list >>> [email protected] >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
