[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AUTH, MSA-mode and FULLTRUST
This is completely untested, and this is more or less my first time
looking at the smptserver code.. I would guess that in smtpcmds.c,
somewhere around line 433, changing
if (msa_mode && ! SS->authuser) {
to
if (msa_mode && ! (SS->authuser||SS->policystate.full_trust) ) {
.. and possibly the error message it pumps out. This whole chunk of code
was added sometime between the time ranges in the private message
(20040312 ... 20041104).
On Thu, 2004-02-12 at 21:47 -0400, Jeff Warnica wrote:
> I suspect that the path of least resistance would be to have local
> systems submit to :25. But if you are going to reconfigure each client,
> you might as well tell it to send the username/password. I suppose you
> could do some port redirection magic (ie, iptables with Linux) such that
> connections to :587 are transparently redirected to :25.
>
> I don't know if what you ask about ZMailer is possible, but this might
> provide a quick solution until something else comes along.
>
> On Thu, 2004-02-12 at 20:51 -0300, Nicolas Baumgarten wrote:
> > Hi,
> >
> > in previous versions we used authentication
> > like is descripted in this old smtpserver.conf sample
> > -------
> > PARAM MSA-mode # Message Submission Agent mode. Require
> > # # successful user authentication during SMTP
> > # # sessions initiated from outside of the trusted
> > # # networks or the networks with relaying enabled
> > # # (see "fulltrustnet" and "relaycustnet" in
> > # # smtp-policy.src file).
> > -------
> >
> > having this and "smtp-auth" was enough.
> >
> > The problem we have now is that if MSA mode is enabled
> > (via MSA-mode keyword or BindSubmit ) then we cant avoid
> > authentication from fulltrustnet networks.
> > The answer is always:
> > 503 5.5.1 Hello [192.168.1.21], In SUBMISSION mode must authenticate first!
> >
> > Is this something we doing wrong?
> >
> > Thanks ....
> > -
> > To unsubscribe from this list: send the line "unsubscribe zmailer" in
> > the body of a message to majordomo@nic.funet.fi
> >
> >
>
> -
> To unsubscribe from this list: send the line "unsubscribe zmailer" in
> the body of a message to majordomo@nic.funet.fi
>
>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi