Find the answer to your Linux question:
Results 1 to 8 of 8
Hi I've got an email server up and running hosted in a server cabinate in london. what i want to do is allow local users (i.e. the mailbox's) to be ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2005
    Posts
    4

    Sendmail Relaying - huh i a bit confuseled


    Hi

    I've got an email server up and running hosted in a server cabinate in london.

    what i want to do is allow local users (i.e. the mailbox's) to be able to use the relay.

    Because it will be used by people on the move i can't have an access of the connecting networks.

    basically i want it to work in the same way it does with relay_local_from but i want to avoid it being used for spam.

    what is the best way to secure it when i need this kind of setup, would it be to use a auth password or is there something im just not getting?

    cheers

    - Mike

  2. #2
    Linux Engineer adrenaline's Avatar
    Join Date
    Aug 2004
    Location
    Seattle, Washington
    Posts
    1,058
    There is a couple of ways of doing this. The prefered way is to use authenticated login. You will have to do a search on google on the correct method of doing this for the type of server you have.
    Or
    you can simply run webmail on your server and your local users can access their mail through a web page with no special credentials other than there normal username and pass.

    If you are running a REDHAT / FEDOORA box it already has squirrelmail and all you have to do is go to /etc/squirrelmail and add the domain and IP to the .conf file and then start httpd and webmail is off and running.

    I personally use the webmail feature myself.

    Mike
    Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had.
    -- Linus Torvalds

  3. #3
    Just Joined!
    Join Date
    Feb 2005
    Posts
    4
    that does sound good however i'm not sure its right for this application

    its all running through an exchange server so i realy need to just have the smtp and pop3 server (same computer as only have about 20mails).

    the system is fedora core 2
    dovecot running nod32 virus scanner
    sendmail doing all the external relaying
    procmail passing local mails to the INBOX's

    as i said its just a matter of securing the relaying, is there a simple AUTH single user and pass for the whole server?

    or is there something im missing, what is the best way to run an smtp server to be accessed from many ip's

    cheers

  4. #4
    Linux Engineer adrenaline's Avatar
    Join Date
    Aug 2004
    Location
    Seattle, Washington
    Posts
    1,058
    Check this out:

    here
    Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had.
    -- Linus Torvalds

  5. #5
    Linux User
    Join Date
    Feb 2005
    Posts
    290
    paranoid point of view, it's better to establish a VPN to the London's server, then make the exchange server to allow only "private" ip (as in your VPN's IP) to relay thru it.

  6. #6
    Just Joined!
    Join Date
    Feb 2005
    Posts
    4
    ahhh this idea had occured to me and is a good option, the only problem is people will also be accessing the server who just use a simple outlook express (mainly coz this company is tight!)

    so although the vpn is a good option for the exchange, the people on the move (such as some of our people using a vodafone G3 doogle) will not be able to send.

    cheers for the thoughts though, does it matter that much if i have relay_local_from set, i know its a bad idea but is there a way to prevent it being used for spam that isn't AUTH?

    p.s. adrenaline the link you gave me was helpful with the auth, abit of an odd site though (programming and choir songs hmmmm)

  7. #7
    Just Joined!
    Join Date
    Feb 2005
    Posts
    4
    Hi

    I'm looking at using ASSP ( http://assp.sourceforge.net/ ) what is the conclusion on this app?

    cheers guys

  8. #8
    Linux Engineer adrenaline's Avatar
    Join Date
    Aug 2004
    Location
    Seattle, Washington
    Posts
    1,058
    Quote Originally Posted by sykomike

    cheers for the thoughts though, does it matter that much if i have relay_local_from set, i know its a bad idea but is there a way to prevent it being used for spam that isn't AUTH?
    I do it. Use the access file to only allow relaying for you domain. The problem is that if you don't use AUTH and you are on someone elses domain and you want to send an email your domain won't relay that mail from the other domain you are on. IF you AUTH it then it doesn't care what domain you are on because it knows who you are. I don't run AUTH here is what I do.

    I ssh and watch my maillog then I send an email which errors in the maillog then it shows me the IP of the mail server then I go to the access file and enter the IP and restart service voila I can send mail now from that domain without anybody being the wiser.

    The drawback is that if you have users and you give them an email address they have to have a static IP or you have to allow there whole domain relay rights - bad news if they are an aol customer. This is where AUTH comes into play.

    The other thing I do is WEB MAIL because it uses IMAP and customers actually log onto the box local from the web. Then you don't need AUTH.

    The bad news is you really want you mail server tight because if the spammers do get a hold of it you get blacklisted and if that happens. No more mail server.

    Mike
    Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had.
    -- Linus Torvalds

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •