On 02/03/2010 01:30 PM, Paul McNett wrote: > On 2/3/10 11:21 AM, Leland Jackson wrote: > >> Does anyone have any experience configuring Postfix, so it >> would relay email from iPhones without becoming an open relay. >> > Yes. You need to set up smtp sasl authentication, and then set up the iPhone > to log > in to smtp securely using the ssl certificate. I've been logging in this way > to my > mail server for years, and have users on my mail server all over the world > connecting > in this fashion. I don't care if they are in a café, at home, at work, what > their ip > is, etc. I only care that they login securely, and provide their username and > password over the encrypted channel. >
OK > I've had my iPhone for a few months now and I believe it automatically > configured > itself to use this connection method. I think there was a couple minutes > where it > tried various connection options before finally deciding on the settings and > prompting me for my username and password. Pretty slick. > I'll look into this. I am able to connect to my mail server just find by having iPhone send my user name an password. After connecting to my server, I can sync emails, read and browse email folders, delete emails, etc that are on my mail server. However, my email server also acts as the outgoing SMTP server for relaying email in my local network, so if I wanted to sent an email written on my iPhone to [email protected], for example, my server would not relay the email; because, the credential passed by my iPhone to my email server would not match anything I've authorized for relaying emails. To use sasl encryption I would need a key on the iPhone that would work with a certificate on the server, or vice versus. This would allow encryption and decryption between the iphone and the my email server. Do you know where I would enter the sasl key on the iPhone? I'm also looking at gmail for use with my iPhone. My iPhone can connect to my gmail account using my user name and password pair, which allows me to relay emails out using gmails outgoing smtp server. Setting up the gmail account on my iPhone was easy. All I had to do on the iPhone was enter my gmail account user name and password pair in the iPhone gmail setting, and do a save. The iPhone did everything else using default setting. Going back and looking at the default setting on my iPhone gmail account, I see SSL is turned on, so encryption and decryption is being used. The connection is over port 587. Authentication to connect to the gmail outgoing smtp server is set to "password"; no sasl, MD5 Challenge-Responce, NLTM, HTTP MD5 digit, etc necessary. Is there some easier solution to my problem, or is gmail configured as an open relay? LOL Regards, LelandJ >> email from local IP address within my local network. The >> local computer's IP address must be included in the >> /etc/mail/access.db with "RELAY" privileges before Postfix >> will relay the mail. I could RELAY for all computers within >> my smvfp.com domain, but the iPhone will generlly connect to >> various domain other than the smvfp.com domain, and there is >> no way to know beforehand the domain, network, or IP address >> the iPhone will have. >> > smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, ... > > I've probably given you enough keywords for a google search... > Thanks for the info, Paul. Regards, LelandJ > Paul > [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
