The answer to question 2) is quite simple:
Only authenticated users can relay via this port. Additionally usage of "TLS"
is suggested. Qmailtoaster is prepeared for it, but each client must enable it; for
security reasons (to force man in the middle attacs) each client should not only prefer
but force TLS to be used.
Best regards,
Johannes Weberhofer
Anil Aliyan wrote:
pretty smart question John, I also would like to hear the answer for it
from the experts.
----- Original Message ----- From: "Tek Support" <[EMAIL PROTECTED]>
To: <qmailtoaster-list@qmailtoaster.com>
Sent: Friday, August 08, 2008 8:37 AM
Subject: Re: [qmailtoaster] Authentication to bypass spam checks
Hi all, I have a few question. Before I learned of this port 587, my
only option was to disable spamhaus. And all I did to disable it was
to remove it from my "/var/qmail/control/blacklists file.
So, the other day I needed some addition reporting and I remembered
the "toaster plus", so I downloaded the Repo and ran the yum install
for it. I then also decided to run the spamdyke filter.
So, now that I've realized that port 587 is available for my users to
send on, I went back to add the spamhaus. However, it's no longer in
the /var/qmail/supervise/smtp/run file. It would appear that spamdyke
has removed it.
So I have 2 questions:
1) Are spamdyke and spamhaus compatible? Why would or why does
spamdyke remove "blacklist" from the run file. Here are the before
and after.
---Begin---
---End---
2) Since I've just found out that port 587 is available, and 587 does
not run spamhaus the dynamic ip checker, then what is keeping a
spammer from trying to use this 587? I mean I'm a little confused.
If my port 25 won't allow any non-authenticated users to send smtp
(presuming it's not an open relay), then why would I even need port
587? I understand the need to have 587 if I'm using spamhaus on port
25, and 25 is now blocked to my dynamic users (workers from home). So
it seems a bit unnecessary to have both ports. And why couldn't a
spammer start sending spam to my users on 587 - if it even works that
way, which I'm not sure yet if it can? Qmailtoaster is a pretty
popular thing, so someone, somewhere would certainly try port 587 in
order to get around spamhaus wouldn't they?
Thanks for your time on this, I'm not trying to be difficult, only
trying to understand how and why.
Thanks
John
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
|---------------------------------
| weberhofer GmbH | Johannes Weberhofer
| information technologies
| Austria, 1080 Wien, Blindengasse 52/3
|
| Firmenbuch: 225566s, Handelsgericht Wien
| UID: ATU55277701
|
| phone : +43 (0)1 5454421 0 | email: [EMAIL PROTECTED]
| fax : +43 (0)1 5454421 19 | web : http://weberhofer.at
| mobile: +43 (0)699 11998315
|----------------------------------------------------------->>
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
