Mailing List Archive

Deferring delivery if authentication fails
Dear list,

I'd like to bounce an idea regarding SMTP AUTH off you all, just to
see if it's possible and that I'm not wasting my time, as the spec
doesn't seem to cover the situation.

I have a vaguely unconventional hubbed setup for mail delivery.

The MX records for my domain are as follows:

submonkey.net. IN MX 20 shaft.techsupport.co.uk.
submonkey.net. IN MX 30 mailrelay1-gui.server.ntli.net.

shaft.techsupport.co.uk then passes the mail, via a routing entry to
my machine at home, which is on a dynamic IP with a hostname from dyndns.org.

Here comes the part I'm wondering about.

Since my IP address is dynamic, what I'd like to do is set up the host
shaft.techsupport.co.uk to ensure that my machine is the only machine
that it delivers my mail to - SMTP AUTH would seem to be the thing for
this. However, it seems that exim will always fall back to transmitting
the message over an unauthenticated session if SMTP auth fails - I don't
want that and would like shaft.techsupport.co.uk to refuse to deliver the
message unless it has determined that it is really talking to my machine.

Is this possible with exim, or would I be better off looking at something
like IPsec between the two machines?

Thanks,

Ceri
Re: Deferring delivery if authentication fails
setantae@idoru.mine.nu said:
> Since my IP address is dynamic, what I'd like to do is set up the host
> shaft.techsupport.co.uk to ensure that my machine is the only machine
> that it delivers my mail to - SMTP AUTH would seem to be the thing for
> this. However, it seems that exim will always fall back to
> transmitting the message over an unauthenticated session if SMTP auth
> fails - I don't want that and would like shaft.techsupport.co.uk to
> refuse to deliver the message unless it has determined that it is
> really talking to my machine.

> Is this possible with exim, or would I be better off looking at
> something like IPsec between the two machines?

I suspect it may be easier to use TLS, and tell Exim to do strict checking
of the recipient's key.

--
dwmw2
Re: Deferring delivery if authentication fails
On Thu, 11 Jul 2002, Ceri Davies wrote:

> However, it seems that exim will always fall back to transmitting
> the message over an unauthenticated session if SMTP auth fails

hosts_require_auth

That's an Exim 4 option.

--
Philip Hazel University of Cambridge Computing Service,
ph10@cus.cam.ac.uk Cambridge, England. Phone: +44 1223 334714.
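
The option named above, shown in context as an added example that is not part of the original posts: a hub-side Exim 4 configuration fragment that defers delivery unless AUTH succeeds, and also requires a verified TLS session as suggested earlier in the thread. The host name, CA file path, credentials and the router, transport and authenticator names are placeholders.

```exim
# Added example for the hub (shaft.techsupport.co.uk).
# home.dyndns.example, the CA path and the credentials are placeholders,
# not values from the thread.

begin routers

to_home:
  driver = manualroute
  domains = submonkey.net
  route_list = * home.dyndns.example
  transport = smtp_home_auth

begin transports

smtp_home_auth:
  driver = smtp
  # If AUTH is not offered or fails for this host, delivery is deferred
  # instead of falling back to an unauthenticated session.
  hosts_require_auth = home.dyndns.example
  # AUTH proves the hub to the home machine, not the other way round.
  # To check who the hub is talking to, also require TLS and verify the
  # peer certificate (tls_verify_hosts on the transport assumes a
  # current Exim 4 release).
  hosts_require_tls = home.dyndns.example
  tls_verify_hosts = home.dyndns.example
  tls_verify_certificates = /etc/exim/home-ca.pem

begin authenticators

# Client side of CRAM-MD5; the home machine needs a matching server-side
# authenticator holding the same secret.
hub_to_home:
  driver = cram_md5
  public_name = CRAM-MD5
  client_name = shaft
  client_secret = CHANGE-ME
```
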
Re: Deferring delivery if authentication fails
On Thu, Jul 11, 2002 at 01:53:37PM +0100, Philip Hazel said:
> On Thu, 11 Jul 2002, Ceri Davies wrote:
>
> > However, it seems that exim will always fall back to transmitting
> > the message over an unauthenticated session if SMTP auth fails
>
> hosts_require_auth
>
> That's an Exim 4 option.

Philip,

You rock.

Ceri
Re: Deferring delivery if authentication fails
On Thu, 11 Jul 2002, Ceri Davies wrote:

> Philip,
>
> You rock.
>
> Ceri

He's a brick all right. ;-)

--
Juha Saarinen