relaying

davidn at rebel.net.au davidn at rebel.net.au
Tue Dec 3 14:16:45 CST 2002


Ronke Adetilo <ronnietilo at yahoo.co.uk> wrote:
> can someone please tell me how i can allow relaying
> for all domains

Do you want to report yourself to ORB or shall I? :-)


> This i need to do to enable my clients to pop their mails from any
> network using microsoft outlook.

You don't need to enable mail relaying for pop access.  Pop servers,
unless otherwise restricted, will accept all connections, which means
anyone can download mail from any pop server, anywhere.  Did you,
perhaps, want your clients, who have pop accounts on your server,
to be able to *send* email through your smtp server?  That's quite
a different matter; and yes, in general you need to enable relaying
for that.

You certainly should not -- I'll go so far as to say *must* not --
enable open relaying, which means accepting email from anyone, for
delivery to anyone.  Should you become an open relay you will quickly
be discovered by spammers, who will use your server to hide behind.
You will become the apparent originator of the spam.  Should that not
concern you, you need to understand that you will also quickly be
discovered by the various email blacklists, and once listed, you will
find that many organisations will refuse to accept any email from you,
thus you will become, in effect, a site that accepts email from anyone
but can deliver to no-one.

If you offer a general mailbox service, and if part of that service
is to accept email from your clients for general delivery, you need
to permit selective relaying, being relaying only for your clients.
There are a number of ways this is sometimes done.  Pop before smtp
is quite popular, whereby your client can only send email after they
have downloaded it.  The pop server authenticates your client, thus
proving their entitlement to send email.  Some email clients, and
Outlook is included, have the ability to login directly to the smtp
server.  This is better than pop before smtp to my way of thinking.
If you know the IP address of your clients you can permit relaying
only from those limited addresses.  (This is what many ISPs do; that
is, they permit relaying from any of the IP addresses associated with
their dialup facilities.)

I regret that I have no experience with authenticated smtp.  I believe
that sendmail includes this facility, and I strongly urge you to read
all of the sendmail documentation, so that you can learn how to operate
this software for yourself.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.openprojects.net
To unsubscribe from the LinuxSA list:
  mail linuxsa-request at linuxsa.org.au with "unsubscribe" as the subject



More information about the linuxsa mailing list