Mailing List Archive

SMTP control
Is there a way to configure qmail SMTP so that it can only be used to
receive mail for local recipients and forward mail from local senders? In
other words, I'd like to prevent outsiders from using me as a forwarder
yet allow insiders to use me as a forwarder.

Paul C. Diem
pcdiem@FoxValley.net
Re: SMTP control [ In reply to ]
On Tue, 18 Feb 1997, Paul C. Diem wrote:

> > Qmail's default installation will prevent other sites from using
> > you as a relay. That's because it puts the local domains into the
> > files control/locals and control/rcpthosts.
>
> The way I understand this though is that if I put only my local domain in
> rcpthosts, users within my domain which are using mail clients on PC's
> will not be able to use me as a relay. They, obviously, need to be able to
> send mail with a recipient of anywhere.

If you put your domain in rcpthosts, in your case .foxvally.net,
then as long as they are in the foxcally.net domain, they can use it.

-Dustin Marquess
Re: SMTP control [ In reply to ]
Forwarded message:
>>From djb-qmail-return-369-gerg=wco.com@koobera.math.uic.edu Tue Feb 18 11:11 PST 1997
>Mailing-List: contact djb-qmail-help@koobera.math.uic.edu; run by ezmlm
>Delivered-To: mailing list djb-qmail@koobera.math.uic.edu
>Delivered-To: djb-qmail@koobera.math.uic.edu
>Date: Tue, 18 Feb 1997 13:09:57 -0600 (CST)
>From: "Paul C. Diem" <pcdiem@FoxValley.net>
>To: djb-qmail@koobera.math.uic.edu
>Subject: Re: SMTP control
>In-Reply-To: <199702181824.KAA23903@shell.wco.com>
>Message-ID: <Pine.LNX.3.95.970218130505.2670B-100000@fvi0.FoxValley.net>
>MIME-Version: 1.0
>Content-Type: TEXT/PLAIN; charset=US-ASCII
>Content-Length: 850
>
>On Tue, 18 Feb 1997, Greg Andrews wrote:
>
>> Paul C. Diem <pcdiem@FoxValley.net> asks:
>> >
>> >Is there a way to configure qmail SMTP so that it can only be used to
>> >receive mail for local recipients and forward mail from local senders? In
>> >other words, I'd like to prevent outsiders from using me as a forwarder
>> >yet allow insiders to use me as a forwarder.
>> >
>>
>> Qmail's default installation will prevent other sites from using
>> you as a relay. That's because it puts the local domains into the
>> files control/locals and control/rcpthosts.
>
>The way I understand this though is that if I put only my local domain in
>rcpthosts, users within my domain which are using mail clients on PC's
>will not be able to use me as a relay. They, obviously, need to be able to
>send mail with a recipient of anywhere.
>

Why did you delete my second paragraph, which contained the answer to
that very question?:

The FAQ document describes how to allow your local machines to
send mail anywhere in section 3.4 (possibly with assistance from
section 5.1).


-Greg
--
Greg Andrews West Coast Online
Unix System Administrator 5800 Redwood Drive
gerg@wco.com Rohnert Park CA 94928
(yes, 'greg' backwards) 1-800-WCO-INTERNET
Re: SMTP control [ In reply to ]
> > The way I understand this though is that if I put only my local domain in
> > rcpthosts, users within my domain which are using mail clients on PC's
> > will not be able to use me as a relay. They, obviously, need to be able to
> > send mail with a recipient of anywhere.
>
> If you put your domain in rcpthosts, in your case .foxvally.net,
> then as long as they are in the foxcally.net domain, they can use it.
>

that's not true. rcpthosts determines where received mail can
be addressed _to_, not where it's allowed to come _from_.

as greg, i believe, pointed out, the correct answer is in the FAQ. you
need to arrange for the RELAYCLIENT environment variable to be set
when you get mail from one of the "CLIENT"s that is allowed to "RELAY". :-)
and you use some combination of tcpd/tcpserver/tcpenv/inetd to do this.

paul
Re: SMTP control [ In reply to ]
On Tue, 18 Feb 1997, Dustin Marquess wrote:

> On Tue, 18 Feb 1997, Paul C. Diem wrote:
>
> > > Qmail's default installation will prevent other sites from using
> > > you as a relay. That's because it puts the local domains into the
> > > files control/locals and control/rcpthosts.
> >
> > The way I understand this though is that if I put only my local domain in
> > rcpthosts, users within my domain which are using mail clients on PC's
> > will not be able to use me as a relay. They, obviously, need to be able to
> > send mail with a recipient of anywhere.
>
> If you put your domain in rcpthosts, in your case .foxvally.net,
> then as long as they are in the foxcally.net domain, they can use it.

That wasn't the experience we had....the day we switched many users called
complaining about the "you're not in my rcpthosts" error and couldn't send
mail to selected sites. Granted, others did go out, but it was flaky. We
deleted rcpthosts...

'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'
`' Jeff Carneal / Sys Admin \ Apex Internet `'
`' jeff@apex.net http://www.apex.net `'
`' The opinions expressed above aren't really mine. They belong to `'
`' someone else who also refuses to take responsibility for them. `'
'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'
Re: SMTP control [ In reply to ]
At 09:44 AM 2/18/97 -0600, Paul C. Diem wrote:
>I'd like to prevent outsiders from using me as a forwarder
>yet allow insiders to use me as a forwarder.

Yes. By default, qmail creates the control files necessary for the first part
of your requirement. You need to create the configuration necessary for the
second part. Look in the FAQ for RELAYCLIENT.
-russ