Qmail local domain smtp authentication

#1 (**permalink**) 05-29-2007

I run a qmail server, that was setup by a previous admin.
It uses smtp authentication, when a message is sent to a recipient that
is NOT local, the sender is prompted for a password. If authentication
is disabled on their mail client, the message is rejected.

When a message is sent to a domail which IS local, the authentication is
bypassed. Any sender can sent to a local domain withouth authenticating.

This is how ive seen it done on other ISP's, but to be honest, with the
number of domains hosted on this mail server, i would feel much better
if ALL sent messages required authentication.

Is there a way to accomplish this? Or is this just how qmail works?

Thanks

#2 (**permalink**) 05-30-2007

In article <WrWdnT7bMvhU-MHbnZ2dnUVZ_jCdnZ2d@ptd.net>,
Nathan <thorin@ptd.net> wrote:

> When a message is sent to a domail which IS local, the authentication is
> bypassed. Any sender can sent to a local domain withouth authenticating.
>
> This is how ive seen it done on other ISP's, but to be honest, with the
> number of domains hosted on this mail server, i would feel much better
> if ALL sent messages required authentication.
>
> Is there a way to accomplish this? Or is this just how qmail works?

Standard qmail does not support authentication at all. If your qmail is
supporting authentication, it's probably using one of the popular auth
patches available. For specific information on how that patch works and
what you can make it do, you'll need to figure out which patch it is and
find the documentation.

But in answer to your final question, "is this just how qmail works?",
that's the way most mail systems work, if they want their users to be
able to receive mail from the rest of the world. Other ISPs that try to
send mail to your users aren't going to authenticate.

If you're not running a mail server that needs to accept inbound mail
from the world at large, and you really do want a system that only
allows your users to send mail to each other, it's probably possible,
but you'll need to check the doc for your patch.

#3 (**permalink**) 05-30-2007

Thank you, that makes perfect sense. For whatever reason it didnt occur
to me that all incoming mail would then need to authenticate.

Thanks for the response!

Matt Simpson wrote:
> In article <WrWdnT7bMvhU-MHbnZ2dnUVZ_jCdnZ2d@ptd.net>,
> Nathan <thorin@ptd.net> wrote:
>
>
>>When a message is sent to a domail which IS local, the authentication is
>>bypassed. Any sender can sent to a local domain withouth authenticating.
>>
>>This is how ive seen it done on other ISP's, but to be honest, with the
>>number of domains hosted on this mail server, i would feel much better
>>if ALL sent messages required authentication.
>>
>>Is there a way to accomplish this? Or is this just how qmail works?
>
>
> Standard qmail does not support authentication at all. If your qmail is
> supporting authentication, it's probably using one of the popular auth
> patches available. For specific information on how that patch works and
> what you can make it do, you'll need to figure out which patch it is and
> find the documentation.
>
> But in answer to your final question, "is this just how qmail works?",
> that's the way most mail systems work, if they want their users to be
> able to receive mail from the rest of the world. Other ISPs that try to
> send mail to your users aren't going to authenticate.
>
> If you're not running a mail server that needs to accept inbound mail
> from the world at large, and you really do want a system that only
> allows your users to send mail to each other, it's probably possible,
> but you'll need to check the doc for your patch.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode