Hi folks

I found an easy way to allow clients to use qmail as a relay from the
Intranet and to disable relaying from the Internet. This applies only to
a server with two network devices (one connected to the Intranet and one
connected to the Internet). But since xinetd allows multiple
configurations for the same service as long as they have unique ids, you
could restrict relaying with "only_from" as well.

service smtp
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = qmaild
        id              = qmail-extern
        # replace X.X.X.X with the real Internet IP address
        interface       = X.X.X.X
        server          = /var/qmail/bin/tcp-env
        server_args     = /var/qmail/bin/qmail-smtpd
}

service smtp
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = qmaild
        id              = qmail-intern
        interface       = 192.168.1.1
        env             = RELAYCLIENT=
        server          = /var/qmail/bin/tcp-env
        server_args     = /var/qmail/bin/qmail-smtpd
}

Put both configurations in your /etc/xinetd.conf and enable smtp. The only
thing added to the second configuration is the "env = RELAYCLIENT=" line.
This tells qmail to relay every mail incoming on the internal interface
without checking control/rcpthosts. Now you can get rid of tcpd.

Greetings

Roland
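
A defensive check for the layout described in the message, as an added example that is not part of the original post: it parses xinetd service blocks and reports any smtp block that sets RELAYCLIENT without being bound to an internal address. The sample config, the 203.0.113.10 stand-in for the elided Internet IP, the function names and the definition of "internal" (RFC 1918 plus loopback) are assumptions; only_from is not evaluated.

```python
import ipaddress
import re

# Constructed sample shaped like the two blocks in the post; 203.0.113.10 is a
# documentation address standing in for the elided Internet IP (assumption).
SAMPLE = """
service smtp
{
        id              = qmail-extern
        interface       = 203.0.113.10
}
service smtp
{
        id              = qmail-intern
        interface       = 192.168.1.1
        env             = RELAYCLIENT=
}
"""
# Assumption: "internal" means RFC 1918 or loopback; adjust to your own ranges.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
BLOCK = re.compile(r"^\s*service\s+(\S+)\s*\{(.*?)^\s*\}", re.S | re.M)

def parse_services(text):
    """Return [(service_name, {attribute: value})] for each service block."""
    services = []
    for name, body in BLOCK.findall(text):
        attrs = {}
        for line in body.splitlines():
            key, sep, value = line.strip().partition("=")
            if sep and not key.startswith("#"):
                attrs[key.rstrip("+- \t")] = value.strip()
        services.append((name, attrs))
    return services

def relay_findings(text):
    """List (id, reason) for smtp blocks that set RELAYCLIENT off an internal IP."""
    findings = []
    for name, attrs in parse_services(text):
        if name != "smtp" or "RELAYCLIENT=" not in attrs.get("env", ""):
            continue
        bind = attrs.get("interface") or attrs.get("bind")
        try:
            ok = any(ipaddress.ip_address(bind or "") in net for net in INTERNAL)
        except ValueError:  # attribute missing, empty, or not an IP literal
            ok = False
        if not ok:
            findings.append((attrs.get("id", name),
                             f"RELAYCLIENT set but interface is {bind!r}, not an internal IP"))
    return findings
```

Calling relay_findings() on the text of /etc/xinetd.conf returns an empty list for the two-interface layout above and one entry per smtp block that would relay on an address outside the internal ranges.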
