Mailinglist Archive: opensuse (714 mails)

< Previous Next >
Re: [opensuse] Postfix/dovecot - allow relay from phone - How??
On 10/24/2011 12:22 PM, David C. Rankin wrote:
What I don't want to do is mess up my port 25 normal operations. That's the part I
don't have sorted yet. The "what do I need to do to enable relay from the phone (on
whatever port) and not mess up the normal server operations for the rest of the
mail?"

Why the second port anyway? Can't I just configure postfix to authenticate me from my phone and just send using port 25? There may very well be valid reason that configuring on port 587 is better and the way to go, but that's what I'm trying to figure out...

Hi David,

A couple of factors are at play here. (I hope I get this right)

First, you have to authenticate yourself to your mail server if you
want to relay mail. If you allow anonymous connections, spammers
will have their way with your server. But, sending usernames and
passwords in the clear over port 25 is also a risk, so you need to
wrap your authentication dialog with SSL/TLS.

Two ports? The issue here is that many ISP's block outgoing port
25 to force you to use their own SMTP servers. Outgoing port 587
is usually open, allowing you to connect to your server via an
encrypted connection. Port 25 remains open allowing your server
to continue to accept mail for local accounts as usual.

There are other ways to do the authentication bit. I've used
pop-before-smtp in the past, which is a bit clunky, but it works.
This method blocks SMTP relaying until a successful authentication
dialog is negotiated via pop or imap. The sending IP address is
then opened for relaying for a defined period of time. This assumes
that people will check their incoming mail before trying to send.

Regards,
Lew



--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups