In order to allow my Cyrus IMAP mail users to send mail from anywhere, I have configured sendmail so that any user that authenticates successfully using SMTP AUTH is allowed to relay email. Since both Cyrus IMAP and sendmail use SASL, my Cyrus IMAP mail users are able to authenticate.
Since most of my Cyrus users send their passwords in the clear, I have enabled START_TLS and SSL (using stunnel) in sendmail. Finally, I have sendmail listen on the standard MSA port rather than the standard MTA port for authenticated access. On Tue, 2004-01-20 at 01:35, Troy McKinnon wrote: > I am basically trying to configure my mail system so: > > 1) remote clients (cyrus mail users) can send from any location to any > location with no restrictions > 2) incoming mail will be routed to local users (i.e. if it is final > destination)... from anywhere > > I want my remote clients to be able to send whereever from whereever they > may be but I want to protect myself from ppl (Non users) just using my > server to send email. > > While looking in my logs I noticed however that I was getting the following > error: > > NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xxx]: 450 Client host > rejected: cannot find your hostname, [xxx.xxx.xxx.xxx]; > from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP > helo=<xxx.someotherdomain.com> > > I found this possible solution: > > http://mail-archives.engardelinux.org/engarde-users/2001/Aug/0132.html > > i.e. the removal of: smtpd_client_restrictions = reject_unknown_client > > I am not sure if I like that solution. Will that basically give me what I > am looking for? I don't want my users to not receive email from someone just > because their mail servers reverse lookup was not set up correctly. I want > to make sure they get all the email sent to them. But I only want my cyrus > users to be able to send or relay email thru my system. > > What setting should I set for this? > > > ALSO!! :) while I am on the subject... > > Is there a way to have any rejected email for any of my virtual domains, to > any user be directed to my postmaster account... if it fails to find a valid > match elsewhere? > > >
