Renen Watermeyer ha scritto: > Thank you for the speedy reply. > > I may have asked my question badly. Let me describe the scenario more > completely. > > I have a James server that currently sends server generated email. Only a > specific application server is able to connect to the James server, and it > sends mail on behalf of several users (generally, workflow generated email). > > The mx records, reverse DNS lookups etc are bound to the James server - and > everything seems to be working happily (and has been working for some time). > Mail is sent and received. > > Because I am (sometimes!) a little nervous, I tried to prohibit relaying of > email (even legitimate email from, for example, myself). I did this by using > the <authorizedAddresses> setting and only allowing the application server > that sends email (which in hindsight may have been slightly misguided). > > I would now like to allow trusted third parties (like myself) to send email > via the James server. To do this, I think I need to: > > * Comment out the <RemoteAddrNotInNetwork> setting (because most of our > users use dynamic IP addresses); > * Leave the <authorizedAddresses> setting as I want the application server > to be able to send email without authenticating; > * Uncomment the <authRequired>true</authRequired> setting.
The best thing is create users with passwords and have them use a password to authenticate the session (every mail client supports authentication) from any IP in order to relay. Just create users and configure the clients to use the user/pass you assigned. Stefano > I am inclined to also uncomment the <verifyIdentity>true</verifyIdentity> > line - but I suspect that this will mean that the application server can't > send email on behalf of other users. Is this correct? > > > Have I got the general idea? And, from a James perspective, is there > anything more I can do to secure the server? > > Thank you for your guidance! > > Renen. > > > -----Original Message----- > From: Stefano Bagnara [mailto:[EMAIL PROTECTED] > Sent: 09 July 2007 09:53 AM > To: James Users List > Subject: Re: Opening SMTP > > Renen Watermeyer ha scritto: >> Hello, >> >> I have been sending mail locally from a James server for a couple of > years. >> I want to up the ante and send mail remotely - that is, from random >> computers located randomly on the internet. No, not spam: normal, user >> driven email. > > Do you want JAMES to act as MX server for your domain? Or do you simply > want to enable an Authenticated-users only mail submission service? > > The first is the default for JAMES Server, so simply revert changes you > did to remove the receiving part. > > Unfortunately as soon as you'll accept mail for a domain you will also > receive spam. You can try enabling online blacklists and bayes filters, > but this will only help a bit. > > Stefano > >> What is the most secure / safest way to do this? I know can simply allow >> SMTP access via the conf file. But is this not opening a can of worms by >> doing that? >> >> Thanks in advance! >> >> Renen. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
