On 08/29/2014 07:12 AM, Tonix - Antonio Nati wrote:
I don't know if the variable you need is enabled in your
distribution/version.
Actually you could put in place this solution:
Enable (uncomment) the following define in checkuser_settings.h and
recompile.
#define CHKUSER_DISABLE_VARIABLE "RELAYCLIENT"
With such option, chkuser is disabled for every aythenticated or
authorized sender which has RELAYCLIENT set (we reccomend this option).
Unfortunately, I've missed this recommendation up to now, and this
variable is not set. I'll see about getting this included in the next
release of the qmail package.
Michele, are you running legacy (*-toaster) packages, or the new ones?
As alternative if you want to disable chkuser from a specific IP:
Enable (uncomment) the following define in checkuser_settings.h and
recompile.
#define CHKUSER_DISABLE_VARIABLE "DISABLE_CHECKUSER"
and put in your control file:
xx.xx.xx.xx:allow,DISABLE_CHECKUSER="",RBLSMTPD=""
Actually, all controls related to too many wrong or existing recipients,
as well as not existin domains or other like that should be set only for
public MX frontends, not for SMTP relays serving only authenticated users.
This brings up an interesting point. It'll be easy enough to disable
these controls on port 587. Is there a way though that chkuser can tell
if authentication has taken place or not on port 25?
Also, can you list the specific controls that you feel should be
disabled for authenticated sessions?
--
-Eric 'shubes'
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com