Am 25.06.2011 23:50, schrieb Max Pyziur: > > Greetings, > > I'm refining a CentOs configuration installation, now just over one month > old running on a colocated production server. Previously, we ran a version > of Fedora for over seven years. > > Specifically, I'm reviewing our sendmail configuration, both with respect > to authentication and port usage. > > Previously, we had the following line in the sendmail.mc line: > define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
Though defined, you seem not to have made use of it; no SMTP AUTH in your description of the previous setup. > To authenticate, users would first have to POP their mail. > > A klunky script would scan appropriate log files and copy relevant IP > addresses to the /etc/mail/access file that would be regenerated every > 5 minutes via cron. > > Once the IP address was in the /etc/mail/access.db a user could be > authenticated and be allowed to send email using the machine as smtp. That sounds as a poor version of POP-before-SMTP. Which mechanism deletes the IP from the access_db? By no means SMTP AUTH was used, just plain relay permission based on the access_db. > Is there a better way of doing this? Definitely. > Port 587 issues: > Verizon DSL filters out requests on port 25 to smtp servers not belonging > to verizon.net. An alternative is to use port 587 for smtp purposes. > > Are there any views in this CentOs user community on this? Yes, configure SMTP AUTH and offer the submission service to the users. Everything is prepared and documented within the sendmail.mc CentOS ships with. You just have to think about which backend SASL shall use to verify auth credentials. > Much thanks. > > Max Pyziur > p...@brama.com Alexander _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos