Thank you for the speedy reply. I may have asked my question badly. Let me describe the scenario more completely.
I have a James server that currently sends server generated email. Only a specific application server is able to connect to the James server, and it sends mail on behalf of several users (generally, workflow generated email). The mx records, reverse DNS lookups etc are bound to the James server - and everything seems to be working happily (and has been working for some time). Mail is sent and received. Because I am (sometimes!) a little nervous, I tried to prohibit relaying of email (even legitimate email from, for example, myself). I did this by using the <authorizedAddresses> setting and only allowing the application server that sends email (which in hindsight may have been slightly misguided). I would now like to allow trusted third parties (like myself) to send email via the James server. To do this, I think I need to: * Comment out the <RemoteAddrNotInNetwork> setting (because most of our users use dynamic IP addresses); * Leave the <authorizedAddresses> setting as I want the application server to be able to send email without authenticating; * Uncomment the <authRequired>true</authRequired> setting. I am inclined to also uncomment the <verifyIdentity>true</verifyIdentity> line - but I suspect that this will mean that the application server can't send email on behalf of other users. Is this correct? Have I got the general idea? And, from a James perspective, is there anything more I can do to secure the server? Thank you for your guidance! Renen. -----Original Message----- From: Stefano Bagnara [mailto:[EMAIL PROTECTED] Sent: 09 July 2007 09:53 AM To: James Users List Subject: Re: Opening SMTP Renen Watermeyer ha scritto: > Hello, > > I have been sending mail locally from a James server for a couple of years. > I want to up the ante and send mail remotely - that is, from random > computers located randomly on the internet. No, not spam: normal, user > driven email. Do you want JAMES to act as MX server for your domain? Or do you simply want to enable an Authenticated-users only mail submission service? The first is the default for JAMES Server, so simply revert changes you did to remove the receiving part. Unfortunately as soon as you'll accept mail for a domain you will also receive spam. You can try enabling online blacklists and bayes filters, but this will only help a bit. Stefano > What is the most secure / safest way to do this? I know can simply allow > SMTP access via the conf file. But is this not opening a can of worms by > doing that? > > Thanks in advance! > > Renen. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
