[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fedora sendmail auth



On Fri, 2009-05-08 at 17:50 -0400, Kevin J. Cummings wrote:
> Steven W. Orr wrote:
> > Sorry but this is exactly what I didn't want. When I said gentle I really 
> > meant it. If I'm sitting in a hotel then how does my access file know if 
> > it's my laptop? What is MSA with login creds? How do I enable SSL, and 
> 
> MSA is the Mail Submission Agent.  It requires that you login to the 
> server using a username/password known to the server in order to be able 
> to use it.  Failure to login == failure to use the submission port.
> 
> Sorry, I don't know of a simple HOWTO, but in order that you don't have 
> an "open mail relay" that any spammer can use, you have to close it off 
> somehow.  It should be sufficient for your email client (wherever it is) 
> to be able to authenticate with your mail server.  Perhaps googling MSA 
> will turn up some information on how it works, and what you will need to 
> do in order to use it.  It is specifically designed for your case of 
> being outside you local network.
----
in both cases (pop3/imap) and smtp submission, if you don't have
certificates, you are authenticating in clear text which means that
anyone can simply sniff the packets and get your login id & password.

I don't let ports 110 and 143 through the firewall at all. Thus a remote
user (and this means blackberry or iPhone or whatever), would have to
use either pop3s or imaps

Likewise, smtp can be set up in a variety of ways but I have to agree
with another person up-thread...postfix makes this easy and so I stopped
using sendmail but the only way someone can log into my smtp servers is
via TLS, otherwise, it only accepts mail via unauthenticated and of
course subject to all sorts of rules as to whether e-mail is accepted
for delivery either locally or via relay.

My suggestion for OP would be to install some web-based e-mail system
and just login from anywhere with any web browser.

Good luck

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]