The 'stock' qmail-toaster (http://qmailtoaster.com) contains this.

The only difference between the smtp/run and submission/run files is that the submission/run file contains the -H flag for tcpserver, and:
export REQUIRE_AUTH=1
which tells the authentication patch to always authenticate.

qmail-toaster includes the following patch:
Jean-Paul van de Plasse - REQUIRE_AUTH Patch
which is what checks the REQUIRE_AUTH environment variable.
You'll need to do some searching to find that patch, or grab it from the qmail-toaster srpm package.

HTH.

--
-Eric 'shubes'

jeffk...@intersessions.com wrote:
Hi Thiago – thanks – I’ll give this a try. Jeff

*From:* Thiago Bujnowski - Ticonnect Solutions [mailto:tbujnow...@ticonnect.com.br]
*Sent:* Saturday, September 11, 2010 9:43 PM
*To:* vchkpw@inter7.com
*Subject:* Re: [vchkpw] submission port 587

You can just create another directory at /var/qmail/supervise with a run file running on port 587 and using a different tcp.smtp file.

I wanted separeted processes for internal and external incoming mail at my MX server.

Here is how I did it:

- I followed a regular instalation as described in lifewithqmail + smtpauth.

- Instaled Vpopmail

- Applied the chkuser patch

- Instead of replacing qmail-smtp at /var/qmail/bin I renamed the patched file to qmail-mx and copied into it.

- Created a /var/qmail/supervise/qmail-mx folder and modified the run file to use qmail-mx instead of qmail-smtp binary and tcp.mx.cdb instead of tcp.smtp.cdb, and chaged the listening IP. (You your case, you should modify the listening port to 587)

- Created the link at /service

- Modified qmailctl adding the qmail-mx process. (Also generating the tcp.mx.cdb file from tcp.mx)

It works like a charm for me and I think you could just adapt the overall idea fitting your needs.

There is just one inconvenience with this setup. The config files for qmail (rcpthosts and etc..) must be the same for both processes. It would require further modifications on qmail-smtp.c to use diferent config files for each process.

Your new CDB file should have no open relays allowing only authenticated mail to pass through.

That should do the trick.

Does anyone have a better suggestion?

Regards,

Thiago Bujnowski

*From:* Rick Macdougall <mailto:ri...@ummm-beer.com>

*Sent:* Saturday, September 11, 2010 9:57 PM

*To:* vchkpw@inter7.com <mailto:vchkpw@inter7.com>

*Subject:* Re: [vchkpw] submission port 587

Sorry for the top post, on my IPod.

If no one answers before tomorrow, I'll reply when I get on my computer. It's pretty straight forward.

Rick

On 2010-09-11, at 18:39, <jeffk...@intersessions.com <mailto:jeffk...@intersessions.com>> wrote:

    This may be the wrong forum for this but I can’t seem to find any info.

    Does anyone have information on how to setup a second SMTP process
    within qmail that listens on port 587 and accepts ONLY authenticated
    smtp connections? In this scenario port 25 would accept normal smtp
    (non-relay) and smtp-auth traffic but now could also be filtered to
    block dynamic IP ranges.

    Thanks,

    Jeff Koch




!DSPAM:4c8c643932717955216745!

Reply via email to