On 2009-09-19 Martin Allan Jensen wrote:
> The company I work for have approximately nine mail servers, including
> Postfix, qmail, sendmail and exim.
> They would like to make ONE SMTP relay host server so that all their
> customers can use their SMTP server to send mail through.
> The customers already get their incoming mail through their mail
> servers.
>
> I fail to see a way to make this possible without creating an entirely
> open relay, or creating a database with usernames and passwords and
> use SASL.

You could put your customers on a private network not accessible by the
public (and I mean "VPN" kind of private here rather than RFC 1918 kind
of private). However, that's just moving authentication and encryption
to a different layer.

Why do you want to avoid using SASL anyway?

> Does anybody know if it is possible to make the SMTP host contact the
> mail server and verify that the sender email exists on their incoming
> mail server? Or is there another setup recommended?

I'm not sure if I understand you correctly here. Do you mean something
like Callback Verification [1]? You could do that, but how's that going
to protect your MTA from being abused as an open relay in your scenario?
Any unauthenticated host is not trustworthy and can tell you whatever
they want.

> I tried Google a lot, but I can't seem to find anything that points me
> in the right direction - someone else surely must have run into this
> scenario before?

I'd doubt it. Just use SASL and get it over with.

[1] http://en.wikipedia.org/wiki/Callback_verification

Regards
Ansgar Wiechers
-- 
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky
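
Added example, not part of the original message: what "use SASL" can look like on the relay host, next to the sender-based permission it replaces. It assumes the relay runs Postfix 2.10 or later with a Dovecot SASL socket, which the thread does not state; all file paths and map names are placeholders.

```ini
# main.cf fragment for the shared relay. Constructed example: Postfix 2.10+
# and a Dovecot SASL socket are assumptions; paths are placeholders.

# WEAK (do not use): relay permission keyed on the envelope sender.
# MAIL FROM is supplied by the client, so any host that names a listed
# customer address is allowed to relay.
#smtpd_relay_restrictions =
#    check_sender_access hash:/etc/postfix/customer_senders,
#    reject_unauth_destination

# CORRECTED: relay only for clients that authenticated with SASL.
mynetworks = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous

# Offer AUTH only inside TLS so credentials are not sent in clear text.
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/tls/relay-cert.pem
smtpd_tls_key_file = /etc/postfix/tls/relay-key.pem

smtpd_relay_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

# Tie each login to the sender addresses it may use, so an authenticated
# customer cannot send as another customer.
smtpd_sender_login_maps = hash:/etc/postfix/sender_login
smtpd_sender_restrictions =
    reject_sender_login_mismatch
```

Running "postconf -n" after a reload shows which of these settings are actually in effect.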
