Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 2nd September 2009, 12:10
MvincM MvincM is offline
Member
 
Join Date: Apr 2006
Posts: 62
Thanks: 1
Thanked 4 Times in 2 Posts
Default SMTP Auth via POP or IMAP Server

Hello,

Rather complicated question but I belive that ispconfig forum could help.

I must change my ISP configuration (Postfix) to do some tricky authorization.

Users must send e-mail through ISPConfig Postfix SMTP but Postfix must authorized them via third part POP3 or IMAP server.

Do you have any idea how to do this...

Best regards,
MvincM
Reply With Quote
Sponsored Links
  #2  
Old 2nd September 2009, 12:20
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

Andy why dont you use the normal smtp-auth which is configured by default? All normal mail clients support it. The setup you want to do is named pop befire smtp and is not in use anymore for years since all mail clients support smtp-auth.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 2nd September 2009, 12:48
MvincM MvincM is offline
Member
 
Join Date: Apr 2006
Posts: 62
Thanks: 1
Thanked 4 Times in 2 Posts
Default

Yes it is clear for me and I looks for P-B-S but it is different case...

I just explain...

We use ISPConfig for many years (great tools - Thanks a lot) but now one of our domains must be hosted on google apps (our company split to sub-company and they want to use google apps as a mail services). And now story starts. As you may know Google put Sender SMTP header filed to any mail and it looks terrible in outlook e.g. "sales on behalf of j.test@domain.com". Google confirm that is not a "business" behaviour and allow to use own SMTP (simple option in menu) to put any Sender filed. You just put SMTP address and login and password for user (to authenticate) and you could send mails via your SMTP. And this solution is good but... not to the end.

In my case I must take care of two user database - one of google apps and second on ISPConfig (to use it as SMTP server). I must also remember to synchronized them... so I wonder how to use and configure "SMTP authentication via Google IMAP server".

In this case I could have a lot of domains on ISPConfig and one small on Google Apps but without duplicated user database.

and this is a problem

Any ideas?

Best regards,
MvincM
Reply With Quote
  #4  
Old 3rd September 2009, 10:59
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

You can try to do it with pam_imap

http://pam-imap.sourceforge.net/
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 6th September 2009, 11:48
autogun autogun is offline
Member
 
Join Date: Sep 2009
Posts: 69
Thanks: 9
Thanked 5 Times in 5 Posts
Default

Quote:
Originally Posted by till View Post
Andy why dont you use the normal smtp-auth which is configured by default? All normal mail clients support it. The setup you want to do is named pop befire smtp and is not in use anymore for years since all mail clients support smtp-auth.
Hey till,

This is basically means that running an ISPConfig3 setup with Postfix as my MTA - Nobody will be able to relay on my box and send spam through it without auth first?
Reply With Quote
  #6  
Old 6th September 2009, 17:11
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

Yes, smtp-auth is configuread by default.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 6th September 2009, 20:36
autogun autogun is offline
Member
 
Join Date: Sep 2009
Posts: 69
Thanks: 9
Thanked 5 Times in 5 Posts
Default

This is wierd,

Part of my /etc/postfix/main.cf
Code:
mynetworks = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_tls_security_level = may
and still, Im being able to access my mail server and send mails outside my network -
Code:
telnet ispconfig.MYDOMAIN 25
Trying XXX.XX.XX.XXX...
Connected to ispconfig.MYDOMAIN.
Escape character is '^]'.
220 ispconfig.MYDOMAIN ESMTP Postfix (Debian/GNU)
helo a
250 ispconfig.MYDOMAIN
mail from:ask@me.com
250 2.1.0 Ok
rcpt to:admin@MYADMIN
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
hello.
.
250 2.0.0 Ok: queued as C40F3182CA
Am I doing something wrong? :E
Reply With Quote
  #8  
Old 7th September 2009, 09:07
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

You have to access your server from outside to test this. You can not run this test on the local server as localhost is always configured to be able to relay. This does not mean that someone else can misuse your server to send spam, localhost must be allowed to send spam as many damons send status messages by email and also things like the php mail() function wont work without that.

If you want to test your server if it is an open relay, use this:

http://www.abuse.net/relay.html
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
autogun (7th September 2009)
  #9  
Old 7th September 2009, 10:31
autogun autogun is offline
Member
 
Join Date: Sep 2009
Posts: 69
Thanks: 9
Thanked 5 Times in 5 Posts
Default

Thanks till,

Thanks a bunch!
Reply With Quote
  #10  
Old 7th September 2009, 13:48
MvincM MvincM is offline
Member
 
Join Date: Apr 2006
Posts: 62
Thanks: 1
Thanked 4 Times in 2 Posts
 
Default

Thanks for your idea !!!

Now I use "rimap" and it works but your idea is better. When I will use pam_imap I can auth with local DB and google IMAP server.

Once again thanks !

Best regards,
MvincM
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
User unknown in relay recipient table Taxick Installation/Configuration 12 9th April 2013 12:31
Ubuntu Server, postfix, gmail relay sjau Server Operation 3 14th December 2010 18:20
Mail System Error - Returned Mail tristanlee85 General 16 16th March 2008 09:40
mail delivered in mbox patfee Installation/Configuration 8 11th December 2007 13:58
Problems with Postfix Mysql Courier PatrickAdrichem Installation/Configuration 3 13th April 2007 15:44


All times are GMT +2. The time now is 20:56.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.