From owner-freebsd-questions Tue May 8 20: 5:52 2001 Delivered-To: freebsd-questions@freebsd.org Received: from thehousleys.net (frenchknot.ne.mediaone.net [24.147.224.201]) by hub.freebsd.org (Postfix) with ESMTP id 18A1D37B422 for ; Tue, 8 May 2001 20:05:49 -0700 (PDT) (envelope-from jim@thehousleys.net) Received: (from root@localhost) by thehousleys.net (8.11.3/8.11.2) id f4935mO03691; Tue, 8 May 2001 23:05:48 -0400 (EDT) (envelope-from jim@thehousleys.net) Received: from thehousleys.net (baby.int.thehousleys.net [192.168.0.24]) (authenticated) by thehousleys.net (8.11.3/8.11.3) with ESMTP id f4935km03683; Tue, 8 May 2001 23:05:46 -0400 (EDT) (envelope-from jim@thehousleys.net) Message-ID: <3AF8B40A.65DD8910@thehousleys.net> Date: Tue, 08 May 2001 23:05:46 -0400 From: James Housley X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Marc W Cc: FreeBSD Questions Subject: Re: preventing SMTP Relaying, but having moving customers? References: <200105090001.RAA83674@akira.lanfear.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Marc W wrote: > > hello! > > i would like to have a couple of people access my mail server for > secure POP or IMAP access, but also want to prevent relaying on > sendmail (so i have relaying turned off right now). > > Now, the problem is, these people are accessing the server from > various machiens and various accounts, and it's well nigh impossible to > put their ip addresses or hostnames in /etc/mail/relay-domains. > > So, the question is, what means can I use to allow them to send > mail without opening myself up to relaying? > They prefered method, according to the sendmail.org website, is SMTP-AUTH. There are some details on the sendmail.org web site. But basicaly you have to install the cyrus-sasl port. Then add the required lines to /etc/make.conf from /etc/defaults/make.conf (search for SASL). Then rebuild and reinstall sendmail and configure cyrus-sasl. You will also have to add some rules to your sendmail.cf file, as shown on the website. What this will do is allow relaying for a user that would normaly be denied if they successfuly login as part of the SMTP processes. Most mail clients support this, Outlook/Express, Netscape, Eudora, ... Jim -- /"\ ASCII Ribbon Campaign . \ / - NO HTML/RTF in e-mail . X - NO Word docs in e-mail . / \ ----------------------------------------------------------------- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net --------------------------------------------------------------------- Studies show that 1 out of every 4 Americans suffer some form of mental illness. So look at your three best friends, if they are okay it is YOU! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message