I think that I might have uncovered a possible source of confusion in terminology about SmartMax's product, MailMax 5.5, which I presume is what Erick is using.
Generally speaking, an MTA is configured to allow relaying (outgoing SMTP messages) from local clients within its own LAN, and to deny it for any one else. This is based, in the first instance, on the client's IP address. Additionally, authentication of LAN clients may be enabled / required. Finally, in some cases clients on random IP addresses external to the LAN may also need to use the MTA as their outgoing SMTP server, in which case SMTP authentication is mandatory. In the case of all the clients allowed to send outgoing mail to third parties via the MTA, the MTA is "relaying" this mail. The documentation for this product: http://smartmax.com/download/pub/MailMax/MailMax%205.0/MailMax%205.0%20Docs. pdf uses the word "relaying" to refer to other MTAs listed on a DNS RBL as "open relays". On a quick scan of this document, the only mention that I could see regarding enabling local LAN clients to send outgoing mail via the MTA, based on their IP address, is in Section 5.4: IP Settings. (Other than in the introductory section 1.1.2 "SMTP servers take inbound mail for local users from other systems, and outbound mail from local users.") It says in 5.4: - "Allow Relaying Relaying mail through a mail server can result in that server to be considered by the rest of the world as a Spam source. However, it may be that a host maintains a trusted secondary server that creates and relays mail through this server. This is a rather advanced and specialized arrangement. For most purposes, you should never enable relaying." I disagree, in part. You should always allow relaying for your internal LAN clients ~= local users. Unfortunately, this section of the configuration of MailMax isn't mentioned at all in the Quick Start Guide, and appears to be somewhat complex to configure correctly in the case of MailMax. Erick, if you set this part of the configuration of MailMax to: - 1 Allow relaying by your internal LAN clients 2 Allow relaying by your ASSP implementation (127.0.0.1 in your case, as well as its internal & external IP addressees) 3 Deny relaying from any other IP address 4 Enable SMTP authentication from any IP address that your clients will connect from Then you should be able to protect your MTA from itself being an open relay, and being listed by NJABL, etc. Note that anyone _must_ be able to send incoming SMTP to your local recipients, but only to them, otherwise you won't get any mail ;-) Get this right first, before you even start up ASSP. Thereafter, the suggestions by others (Matti, Daniel, Kevin, Charles, etc.) on how to ensure that MailMax authenticates your clients apply. There was a recent thread on how to test if your MTA is an open relay, which you should find helpful. HTH. Kind regards, William Stucke ZAnet Internet Services (Pty) Ltd [EMAIL PROTECTED] http://www.zanet.co.za 083-308-0700 - WFS 011-460-0115 - Office 086-502-9444 - Fax ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
