On 2006-04-05, at 0002, Fernando Milovich wrote:
I mean bypass RBL is the client is authenticated. But it seems to be no possibly. This problem is because our customers use ISP connections like ADSL and Dial Up and these connections are blocked by CBL at spamhaus.org
I think i´ll have to change the RBL checker.

set up a second SMTP service for your users. it should not use port 25, it should not accept mail at all unless the client has sent a successful AUTH command, and it should not accept an AUTH command unless the connection is encrypted (via SSL or TLS.)

depending on the qmail patches you are using, the second and third conditions may not be possible for you- but the first condition, running an SMTP service on some other port, anybody can do. usually the biggest mental hurdle is realizing that it is possible to run multiple SMTP services on the same machine.

just take the "run" script from your existing service and copy it to a new service directory... change the port number from 25 (or "smtp", if that's how it's listed in your file) to 587, and fire it up. or run it on port 465, substitute sslserver for tcpserver, make a key pair, and you're up and running with an SSL-secured SMTP server.

http://qmail.jms1.net/smtp-service.shtml is a web page i wrote which explains how to set up SMTP services. it's slanted towards people who use my combined patch file (which you may want to take a look at- lots of tasty goodies in there) but the basic idea is the same for any qmail system- you can have as many SMTP services as you need, as long as each one has its own IP/PORT combination. it may contain some helpful information, and it certainly explains things in more detail than this message. enjoy.

| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/           <[EMAIL PROTECTED]> |
| Mac OS X proves that it's easier to make UNIX  |
| pretty than it is to make Windows secure.      |

Attachment: PGP.sig
Description: This is a digitally signed message part

Reply via email to