> > On Wed, Sep 27, 2000 at 04:28:13PM -0300, Daniel Augusto Fernandes wrote:
> >
> > > Even with shell access, one would have to connect to a port 25 on the
> > > other side to send its msgs. This would not be possible with the
> > > firewall. These users would have to use the first server as a relay if
> > > they want to send msgs to the net.
> >
> > Whaa? Most Unix UAs do not connect to an SMTP server directly, but submit
> > via qmail-inject (or more likely a sendmail wrapper).
> >
> > What if user 'a' can send externally and user 'b' cannot and they both
> > use, eg, mailx?
> >
> > The answer is that they'd have to be permissioned and pathed to use
> > seperate instances of qmail.
> >
> > Regards.
>
> If they do that they will be on the same machine, and they should be
> able to do that. But if they want to send an internet mail they will
> have to connect to port 25 of the extern host if they want to use smtp.
>
> qmail-inject and any sendmail wrapper actually connect to port 25 when
> sending extern mail.
Whaa? This is completely wrong. Neither qmail-inject nor the sendmail wrapper
connects to port 25 at all!
They both utimately give the mail to qmail-queue which gives it to qmail-send
which gives it to qmail-rspawn which gives it to qmail-remote who hasn't the
foggiest idea who the real submittor is and has no authentication information
to give to the SMTP connection on port 25 that it establishes totally independently
of your submission.
At what part of the qmail-inject process do you think you give the
authentication information? There is none.
Have you actually tried what you propose?
Regards.
