Topic: SMTP for roaming users

[swamy]

Hi

We have lot of people who travel a lot and they will be keep going to different different places and it is difficult for them to locate the SMTP address for the ISP for the hotel where they r staying ..and it is more painful also to ask each hotel person for the SMTP.

Can any one suggest me how to make this SMTP available for the outside users. Can we have any password protection to use SMTP.

Kindly respond ASAP.

reg
swamy

[swamy]

Sorry i forgot to mention the version...i am using 4.1.1 E-smith.

[Des Dougan]

This is what Webmail is for. It works well out of the box.


Des Dougan

[swamy]

If the speed is less and there are attachements then u may not able to use the webmail properly na...

[Bas]

set the number of PPTP clients to the number of roaming users you have and let those users make a VPN connection to your server. That way they can use the smtp-services (and other services like file-sharing) on your box in a secure manner.
check http://www.e-smith.org/docs/manual/4.1/admin-remoteaccess.html (9.2.2) for more info on PPTP on e-smith

[devin sain]

If you going to use pptp you need to upgrade to 4.1.2 for for 4.1.1 has securty problems with pptp

[Shelby Moore]

There has to be a better way for this to be done then PPTP or Webmail.  (Now don't kill me here, but I am going to mention Microsoft.)  In exchange you simply set the SMTP server to ask for Authentication.  It then authenticates off the same username and password as the POP3 Server.

Both Outlook and Outlook Express take advantage of this feature by configuring them that the Outgoing mail server requires Authentication, you simiply check the checkbox.  This method has worked well for me, and I would love to use it under e-Smith.  Is this possible under e-smith?

Shelby L Moore

[swamy]

Yes I agree with Shelby Moore.

It will be a nice idea to ask for a password beofre sending the mail out..in this case we can use SMTP from any part of the world. Can any one suggest how to enable this password option.

reg

[Graeme Robinson]

sending SMTP passwords publicly is bad for the same reason POP3 passwords are a bad idea on public networks - they are unencrypted can be sniffed and can compromise the security of your network.

PPTP is really your wisest option here - what it will do is provide for secure communications with your e-smith servers services including SMTP.

When you say "there must be a better way" what you are really asking is "is there a easier way" - of course there is always an easier way but it is usually risky, insecure, & therefore the wrong way.

[Shelby Moore]

I have never tried this under Exchange but I do believe you can setup the server to require a secure connection (SSL).  Then in Outlook Express you would just click the need check boxes under the Advanced settings.

Maybe I am asking for an "easier" way, but isn't that what the Linux comminity is all about?  Helping each other find better solutions to our needs and problems and having the ability to create these solutions.

So the question still stands.  Is there another way to accomplish this other then those discussed so far?

Shelby Moore

[Chris Hardy]

There is a Qmail SSL Authentication  patch is available from http://www.qmail.org .. here are a few links that I found http://www.nimh.org/hacks/qmail-smtpd.c and http://www.esat.kuleuven.ac.be/~vermeule/qmail/tls.patch.  Now e-smith uses obtuse-smtp if I remember (this really should be on the devinfo list).  I'm not sure how tightly the smtp daemon is tied into the e-smith distribution, but it is convievable to grab qmail, patch it, make a rpm and distribute it. If I only had the time!

[Charlie Brady]

Chris Hardy wrote:
>
> There is a Qmail SSL Authentication  patch is available from
> http://www.qmail.org ..
...
>  I'm not sure how tightly the
> smtp daemon is tied into the e-smith distribution, but it is
> convievable to grab qmail, patch it, make a rpm and
> distribute it.

Not so, the qmail license doesn't allow the distribution of modified versions.

Charlie

[Chris Hardy]

Charlie Brady wrote:

> Not so, the qmail license doesn't allow the distribution of
> modified versions.
>
> Charlie

But as I understand the License, I could create a patched qmail src rpm and give people instructions on how to compile that.. Tho it is kind of mute considering that E-Smith doesn't have the full run of development tools that a standard RedHat Distro does  (Don't get me wrong, I love E-smith and evangelize it wherever I go).  But that still doesn't awnser the question, would replacing  obtuse-smtp gum up the works?  is there a link to where I can find out more info about obtuse-smtp?

[Charlie Brady]

Chris Hardy wrote:

> > Not so, the qmail license doesn't allow the distribution of
> > modified versions.
>
> But as I understand the License, I could create a patched
> qmail src rpm and give people instructions on how to compile
> that..

Correct.

> is there a link to where I can find out more
> info about obtuse-smtp?

http://www.obtuse.com/.

Charlie

[Hasan Muhammad]

If the e-smith distributed version of qmail is not already SSL enabled, then aren't users already passing unencrypted passwords to retrieve email via POP or IMAP?

If unencrypted passwords are OK to authenticate users for retrieving email, why aren't they OK for authencating users to sent email?

BTW: I think using an SSL connection to authenticate SMTP users is an excellent solution to this dilemma.

P.S.
There have been many threads from users (including mysel) requesting a solution for roaming users to use the SMTP service.  The responses so far remind me of an old folk story... it goes something like this:

Bob: "Tom, may I please borrow your sledgehammer"?  

Tom: "I don't think so, I need to make sauerkraut tonight".

Bob: "Sauerkraut?  What does making sauerkraut have to do with me borrowing your sledgehammer"?

Tom: "Nothing... but if I don't want to lend you my sledgehammer, one excuse is just as good as another".