The 'stock' qmail-toaster (http://qmailtoaster.com) contains this.
The only difference between the smtp/run and submission/run files is
that the submission/run file contains the -H flag for tcpserver, and:
export REQUIRE_AUTH=1
which tells the authentication patch to always authenticate.
qmail-toaster includes the following patch:
Jean-Paul van de Plasse - REQUIRE_AUTH Patch
which is what checks the REQUIRE_AUTH environment variable.
You'll need to do some searching to find that patch, or grab it from the
qmail-toaster srpm package.
HTH.
--
-Eric 'shubes'
jeffk...@intersessions.com wrote:
Hi Thiago – thanks – I’ll give this a try. Jeff
*From:* Thiago Bujnowski - Ticonnect Solutions
[mailto:tbujnow...@ticonnect.com.br]
*Sent:* Saturday, September 11, 2010 9:43 PM
*To:* vchkpw@inter7.com
*Subject:* Re: [vchkpw] submission port 587
You can just create another directory at /var/qmail/supervise with a run
file running on port 587 and using a different tcp.smtp file.
I wanted separeted processes for internal and external incoming mail at
my MX server.
Here is how I did it:
- I followed a regular instalation as described in lifewithqmail + smtpauth.
- Instaled Vpopmail
- Applied the chkuser patch
- Instead of replacing qmail-smtp at /var/qmail/bin I renamed the
patched file to qmail-mx and copied into it.
- Created a /var/qmail/supervise/qmail-mx folder and modified the run
file to use qmail-mx instead of qmail-smtp binary and tcp.mx.cdb
instead of tcp.smtp.cdb, and chaged the listening IP. (You your case,
you should modify the listening port to 587)
- Created the link at /service
- Modified qmailctl adding the qmail-mx process. (Also generating the
tcp.mx.cdb file from tcp.mx)
It works like a charm for me and I think you could just adapt the
overall idea fitting your needs.
There is just one inconvenience with this setup. The config files for
qmail (rcpthosts and etc..) must be the same for both processes. It
would require further modifications on qmail-smtp.c to use diferent
config files for each process.
Your new CDB file should have no open relays allowing only authenticated
mail to pass through.
That should do the trick.
Does anyone have a better suggestion?
Regards,
Thiago Bujnowski
*From:* Rick Macdougall <mailto:ri...@ummm-beer.com>
*Sent:* Saturday, September 11, 2010 9:57 PM
*To:* vchkpw@inter7.com <mailto:vchkpw@inter7.com>
*Subject:* Re: [vchkpw] submission port 587
Sorry for the top post, on my IPod.
If no one answers before tomorrow, I'll reply when I get on my computer.
It's pretty straight forward.
Rick
On 2010-09-11, at 18:39, <jeffk...@intersessions.com
<mailto:jeffk...@intersessions.com>> wrote:
This may be the wrong forum for this but I can’t seem to find any info.
Does anyone have information on how to setup a second SMTP process
within qmail that listens on port 587 and accepts ONLY authenticated
smtp connections? In this scenario port 25 would accept normal smtp
(non-relay) and smtp-auth traffic but now could also be filtered to
block dynamic IP ranges.
Thanks,
Jeff Koch
!DSPAM:4c8c643932717955216745!
