Re: [courier-users] SMTP Auth

This is a discussion on Re: [courier-users] SMTP Auth within the Courier-Imap forums, part of the Mail Servers and Related category; --===============0330407051== Content-Type: multipart/alternative; boundary=Apple-Mail-6-363970220 --Apple-Mail-6-363970220 Content-Type: text/plain; charset=US-...


Go Back   Usenet Forums > Mail Servers and Related > Courier-Imap

Reload this Page Re: [courier-users] SMTP Auth

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 04-17-2008
Matt Miller
 
Posts: n/a
Default Re: [courier-users] SMTP Auth

--===============0330407051==
Content-Type: multipart/alternative; boundary=Apple-Mail-6-363970220


--Apple-Mail-6-363970220
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit

Beat me by a minute...

I think they key misunderstanding here is the difference between being
an "open relay", which means that anyone can use your mail server to
deliver mail to anywhere and which Courier doesn't do by default, and
allowing unauthenticated relaying for your domains, which is vital
because otherwise no one could deliver mail to you.

Again, for this problem, think filtering not authentication.

Matt Miller
IT Freedom
direct 512.351.4978
matt.miller@itfreedom.com
helpdesk 512.419.0070 : fax 512.419.0080

On Apr 17, 2008, at 12:06 PM, Jay Lee wrote:

> MrOzone wrote:
>> Ok that's good. But the problem that I'm seeing is someone
>> externally can connect to this box and spam to our local domain.
>
> That would be normal, SMTP auth prevents open relays, it can't do
> anything to prevent spam. If you require all servers to authorize
> then how in the world is legitmate, non-local mail supposed to get
> through?
>
>> But to spam through this box you need to auth.
>
> Which unless you've screwed up elsewhere the spammers should not
> have the ability to auth, thus you're not an open relay.
>
>> Is it possible I am just missing a setting to say sendine internaly
>> or externally needs to auth?
>
> I think you're missing the point of SMTP auth...
>
> Jay
>
> --
> Jay Lee
> Network/Systems Administrator
> Information Technology Department
> Philadelphia Biblical University
>
> <
> jlee
> .vcf
> >
> -------------------------------------------------------------------------
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
> Don't miss this year's exciting event. There's still time to save
> $100.
> Use priority code J8TL2D2.
> http://ad.doubleclick.net/clk;198757...______________
> courier-users mailing list
> courier-users@lists.sourceforge.net
> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-
> users


--Apple-Mail-6-363970220
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; ">Beat me by a minute...<div><br =
class=3D"webkit-block-placeholder"></div><div>I think they key =
misunderstanding here is the difference between being an "open relay", =
which means that anyone can use your mail server to deliver mail to =
<i>anywhere</i>&nbsp;and which Courier doesn't do by default, and =
allowing unauthenticated relaying for <i>your domains, </i>which is =
vital because otherwise no one could deliver mail to you.</div><div><br =
class=3D"webkit-block-placeholder"></div><div>Again, for this problem, =
think filtering not authentication.<br><div apple-content-edited=3D"true">=
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; =
color: rgb(0, 0, 0); font-family: Times; font-size: 16px; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-align: auto; text-indent: =
0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0; "><br =
class=3D"Apple-interchange-newline"><hr color=3D"#34454e" =
style=3D"text-align: right; "><font face=3D"Verdana" size=3D"2" =
color=3D"#34454e"><div style=3D"text-align: right; "><span =
class=3D"Apple-style-span" style=3D"font-weight: bold; ">Matt =
Miller</span></div><em><div style=3D"text-align: right; "><span =
class=3D"Apple-style-span" style=3D"color: rgb(245, 132, 37); =
font-weight: bold; ">IT Freedom</span></div></em><div style=3D"text-align:=
right; ">direct 512.351.4978</div><div style=3D"text-align: right; "><a =
href=3D"mailto:matt.miller@itfreedom.com">matt.mil ler@itfreedom.com</a></d=
iv><div style=3D"text-align: right; ">helpdesk 512.419.0070 : fax =
512.419.0080</div></font></span> </div><br><div><div>On Apr 17, 2008, at =
12:06 PM, Jay Lee wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite">MrOzone =
wrote:<br><blockquote type=3D"cite">Ok that's good. &nbsp;But the =
problem that I'm seeing is someone externally can connect to this box =
and spam to our local domain.<br></blockquote><br>That would be normal, =
SMTP auth prevents open relays, it can't do anything to prevent spam. =
&nbsp;If you require all servers to authorize then how in the world is =
legitmate, non-local mail supposed to get through?<br><br><blockquote =
type=3D"cite">But to spam through this box you need to =
auth.<br></blockquote><br>Which unless you've screwed up elsewhere the =
spammers should not have the ability to auth, thus you're not an open =
relay.<br><br><blockquote type=3D"cite">Is it possible I am just missing =
a setting to say sendine internaly or externally needs to auth? =
<br></blockquote><br>I think you're missing the point of SMTP =
auth...<br><br>Jay<br><br>-- <br>Jay Lee<br>Network/Systems =
Administrator<br>Information Technology Department<br>Philadelphia =
Biblical =
University<br><br><span>&lt;jlee.vcf&gt;</span>---------------------------=
----------------------------------------------<br>This SF.net email is =
sponsored by the 2008 JavaOne(SM) Conference <br>Don't miss this year's =
exciting event. There's still time to save $100. <br>Use priority code =
J8TL2D2. <br><a =
href=3D"http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun=
..com/javaone___________________________________________ ____">http://ad.dou=
bleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone_________=
______________________________________</a><br>courier-users mailing =
list<br>courier-users@lists.sourceforge.net<br>Unsubscribe: =
https://lists.sourceforge.net/lists/listinfo/courier-users<br></blockquote=
></div><br></div></body></html>=

--Apple-Mail-6-363970220--


--===============0330407051==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757...un.com/javaone
--===============0330407051==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/.../courier-users

--===============0330407051==--

Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 07:11 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0