Full Mail Server Solution w/ Virtual Domains & Users

Discussion in 'HOWTO-Related Questions' started by binjured, Aug 17, 2008.

  1. binjured

    binjured New Member

    I got this setup a few months back and everything has been fine. I can use desktop mail clients to connect to the secure-mail server and send/receive mail. However, an issue has came up with regard to sending mail from servers via ssmtp relay.

    If I want to relay mail to an address found in the virtual mail tables, all is well, I just have this as my ssmtp.conf:
    Code:
    root=username
    mailhub=mx-1.mydomain.com
    ...
    
    However, this obviously only works for internal addresses; it can't be used to send something to bob@notmydomain.com because relay is disabled for outside addresses. No big deal right? Just set it up to use smtp auth on the secure-mail subdomain...
    Code:
    mailhub=secure-mail.mydomain.com
    AuthUser=someuser@mydomain.com
    AuthPassword=somepassword
    UseSTARTTLS=YES
    UseTLS=YES
    ...
    
    Except, this always returns 503 authentication failed, even though I could not be more positive that the username and password are correct. If I remove UseSTARTTLS=Yes then it just spits out "cannot open [smtp server]"

    I can't figure out why this is because I can use the smtp server to send authenticated e-mails via other means like desktop mail clients, but it simply will not work when using ssmtp. So, two questions:

    1) Is there anyone out there who has any clue why this would be happening?
    2) If not, is there a way I can set it so relay to any address is accepted IF the connection is coming from the internal network (i.e. mx-1.internal.mydomain.com) or would this not provide the security from using the smtp server for spam like I think it would?

    Thanks!
     
  2. binjured

    binjured New Member

    Following the normal cycle of "try to fix for a couple days, post on forums, instantly come up with a solution" I managed to implement (2) above by adding my private network submask to mynetworks. Obviously my biggest concern is with spammers hijacking the smtp server to bulk e-mail people; am I missing anything here that could cause this?

    when:
    mailhub=mx-1.mydomain.com
    FAIL:
    sendmail test@bob1234.com < test

    when:
    mailhub=mx-1.internal.mydomain.com
    SUCCESS:
    sendmail test@bob1234.com < test


    This is the desired result, but I am wondering if I'm missing any security implications of having the private network submask in mynetworks...
     

Share This Page