On Mon, Jun 22, 2009 at 9:59 PM, Dan Harnett<dan...@harnett.name> wrote:
> On Mon, Jun 22, 2009 at 07:19:09PM -0600, Alvaro Mantilla Gimenez wrote:
>>
>>    According to the /usr/share/sendmail/README file, it is necessary to
>> add the "a" modifier to the line that define the MSA: "Additionally, by
>> using the M=a modifier you can require authentication before messages
>> are accepted by the MSA"
>
> Actually, 'a' will only advertise that SMTP AUTH is available, it does
> not require it.  You want to use 'l' to enforce it.
>
>  DAEMON_OPTIONS(`Family=inet, Address=0.0.0.0, Port=587, Name=MSA,
M=El')dnl
>
> This won't even allow mail to local recipients without authentication
> first.

Hmm, this seems to not match the documentation in
/usr/share/doc/smm/08.sendmailop: the meaning you give for the 'a' and
'l' flags are correct for the srv_features ruleset, but not for the
DaemonPortOptions option.


...
> Authenticated users will skip the DNSBL checks if you use
> FEATURE(`delay_checks') in your .mc file.

This is the easiest way to accomplish the original poster's goal, yes.


Philip Guenther

Reply via email to