>Mon Jun 30 2008 08:10:06 AM EDT from [EMAIL PROTECTED] (Uncensored) >Subject: Re:sending from a sub domain needs auth. > > >> >>> >>> >>>Got an MX record for domain.com. >>> >>> So I assume it works for sub.domain.com.
>> >>if you want sub.domain.com to receive mail on another Server, you need to >>add an MX for it. > > >No, not what I want. > >I want sub.domain.com to send mail to domain.com without needing to auth. > >Or at least understand why Citadel needs it to auth. > > Citadel, by design, prevents unauthorized relay, as an anti-spam feature. Logging in is Citadel's way of providing authenticated SMTP. What we probably need, in this case, is functionality to whitelist specific IPs or IP ranges to allow unauthenticated relay, a la Postfix's "mynetworks" variable and its use in "permit_mynetworks" within the "smtpd_recipient_restrictions" section of ihe main.cf. In the case of Postfix's mynetworks variable, you can list individual IP addresses, CIDR notated IP blocks (XXX.XXX.XXX.XXX/YY), a clear text file containing a mix of IPs and IP blocks, or even hash, btree or other database formats (which Postfix has to be configured to translate...for example, before implementing SMTP-AUTH, I was using DRAC for POP-B4-SMTP, which used btree). In any event, setting up whiltelist functionality could be a viable method for allowing systems on the same physical network, and specific systemsoutside of the local network, to relay, should the admin desire to allow it.
