> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Behalf Of Jason R. Mastaler > Sent: Thursday, January 15, 2004 10:42 PM > To: [EMAIL PROTECTED] > Subject: Re: One more question - bounce processing... > > > "Mitch (WebCob)" <[EMAIL PROTECTED]> writes: > > > So do the dated thing though I'd have to have a lot more complicated > > config than I do now (I'm an ISP, with remote users... have to start > > simple and well documented and expand as possible...) > > > > For that I'd need to configure the smtp proxy, and accept mail there > > (and retag it) for all those outlook users - right? My webmail uses > > esmtp, so that would work the same... > > You can configure tmda-ofmipd a number of ways. You can run it on a > separate port such as 8025 and have users point their mail clients > there. Or, you can use regular old port 25 if the machine does not > receive incoming mail.
Right - yes there is always the incoming mail to consider ;-) in my zeal I'd forgotten about that, so yes - another port it is. Could run it on the msa port. > > But to allow SOME users to use this and not others, I'd have to use > > a separate port, and include that in some sort of advanced setup > > directions (or could this process be configured to just pass the > > message through if an environtment var / flag indicated the user did > > not want preprocessing... > > tmda-ofmipd does not currently have a "passthrough" method for users > without a TMDA setup, but it's on the TODO list. Considering all my users receive mail on their own IP's, that won't save me - but that's ok - with a few pretty pictures we can document as needed. > However, if the user has a minimal TMDA setup (I think only > ~/.tmda/crypt_key is needed for tmda-ofmipd), and his ACTION_OUTGOING > is set to 'bare', that's effectively the same thing. tmda-ofmipd will > process the mail, but won't change the addresses in the message. > > See http://mla.libertine.org/tmda-users/2003-11/msg00383.html > > Also, see TMDA FAQ 7.6. It is Exim specific, but might give you some > ideas for your own SMTP server. I think that does help... at least in concept... I can run a localmailfilter on courier - I think... which should allow me to xfilter my message through an external program - I write on stdin and read a modified message on stdout... can I do this rewrite directly witha tmda program or do I have to wrap it somehow? > > Setting BOUNCE_ENV_SENDER could be done globally based on the domain > > of the sending user - or does this have to be done in the smtp > > proxy? > > BOUNCE_ENV_SENDER is only used for challenge messages sent by TMDA in > response to incoming mail. See > http://tmda.net/config-vars.html#BOUNCE_ENV_SENDER > > > Does tmda-ofmipd proxy the authentication when it sends to the local > > smtp server? We don't allow ANY unauthenticated smtp > > No, because that would be double authentication, which seems > unnecessary. If the user has successfully authenticated with > tmda-ofmipd, shouldn't that be enough? > > By default, tmda-ofmipd will invoke the /usr/sbin/sendmail command on > the local system to inject the message which doesn't do any > authentication. > > That said, there is a way to do the double authentication if you > really need it. Maybe I do - maybe I don't. If tmda-ofmipd will suid to the authenticated users id, then i'd be fine - doubt you guys are doing that though... there wouldn't normally be a reason on my servers, only real user accounts can run sendmail - if I pass through proxy that removes that known user concept then I can't track message source back to a user / client and nail someone who violates the aup. Everything except cron jobs are typically submitted through authenticated smtp - even when on localhost. Is this easy to add / config? > > > One other question about this - I bet I know the answer cause you > > HATE programs that lose mail... the ofmipd doesn't return ok until > > the local smtp does - right? ;-) > > Right. Loving it. Wonder why I didn't find this software years ago. Hope it becomes a lot more popular. m/ _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
