From owner-freebsd-questions@FreeBSD.ORG Sat Apr 27 17:14:07 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 00058328 for ; Sat, 27 Apr 2013 17:14:06 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id 7543D11DE for ; Sat, 27 Apr 2013 17:14:06 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [81.2.117.99]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.7/8.14.7) with ESMTP id r3RHE2xD028160 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Sat, 27 Apr 2013 18:14:03 +0100 (BST) (envelope-from matthew@FreeBSD.org) DKIM-Filter: OpenDKIM Filter v2.8.2 smtp.infracaninophile.co.uk r3RHE2xD028160 Authentication-Results: smtp.infracaninophile.co.uk/r3RHE2xD028160; dkim=none reason="no signature"; dkim-adsp=none (unprotected policy) Message-ID: <517C0753.2010506@FreeBSD.org> Date: Sat, 27 Apr 2013 18:13:55 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130328 Thunderbird/17.0.5 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Sendmail 8.14.5/8.14.5 on fbsd-9.1R (EC2) References: <20130426153728.M27769@ezo.net> <517B8ED2.3060103@infracaninophile.co.uk> In-Reply-To: X-Enigmail-Version: 1.5.1 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="----enig2RLSFINLNBFNGVLHLJJCP" X-Virus-Scanned: clamav-milter 0.97.8 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00,SPF_SOFTFAIL autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Apr 2013 17:14:07 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2RLSFINLNBFNGVLHLJJCP Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 27/04/2013 17:43, doug wrote: >>> DAEMON_OPTIONS(`Port=3D587, Addr=3D 111.222.333.444, Name=3DMSA, M=3D= E') > If sendmail is listening on port 587, it will relay for any valid sende= r > who can reach that port. You see where it says 'M=3DE' in that DAEMON_OPTIONS line? That should probably be changed to 'M=3DEa' meaning 'require authentication'. That's= usually the right thing to do for a message submission agent, and the use of authentication will allow senders to relay through the daemon without the usual anti-relaying checks. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey ------enig2RLSFINLNBFNGVLHLJJCP Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlF8B1oACgkQ8Mjk52CukIwkJwCcCv6fmVBXMjXPHD2dzHXbFtce PEcAn1bzk6XjTqhMEpRCJpgKXjv06CVi =9JGG -----END PGP SIGNATURE----- ------enig2RLSFINLNBFNGVLHLJJCP--