Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: Allow open relay from one LAN address
« previous next »
Pages: [1]   Go Down

Allow open relay from one LAN address

  • 7 Replies
  • 946 Views

Offline charlien

  • ****
  • 88
  • +0/-0
    • http://www.rn-computing.com
Allow open relay from one LAN address
« on: January 30, 2009, 12:10:49 AM »
I need to allow my SME server to be an open relay for one IP address on our LAN. I want to make sure what I do will not open things up to the world. Can someone give me so direction. I'd appreciate it. To explain a little more, we have installed a voice mail that will send email notification to a user that there is a voice mail in there voicemail box. That server requires the use of an open relay. All the the intended recipients have mailboxes on the SME server (if that helps). The voice mail does not have any option for authentication on the SME server. I can only input the IP address of the SME box. 
Logged
...

Offline David Harper

  • *
  • 653
  • +0/-0
  • Watch this space
    • Workgroup Technology Solutions
Re: Allow open relay from one LAN address
« Reply #1 on: January 30, 2009, 12:19:05 AM »
Try this:

Code: [Select]
config setprop qpsmtpd Authentication disabled
signal-event email-update

AFAIK this will disable authentication for all LAN clients, but still not enable SMTP access to WAN clients. But I would do some testing just in case :-)
Logged

Offline charlien

  • ****
  • 88
  • +0/-0
    • http://www.rn-computing.com
Re: Allow open relay from one LAN address
« Reply #2 on: January 30, 2009, 12:52:31 AM »
"but still not enable SMTP access to WAN clients"

I'm not sure what that means. We allow ssl WAN access to our server so smartphone users can send/recieve email.
Logged
...

Offline David Harper

  • *
  • 653
  • +0/-0
  • Watch this space
    • Workgroup Technology Solutions
Re: Allow open relay from one LAN address
« Reply #3 on: January 30, 2009, 12:56:56 AM »
As far as I know altering the authentication settings will not affect this functionality - but do make sure to test the changes.
Logged

Offline charlien

  • ****
  • 88
  • +0/-0
    • http://www.rn-computing.com
Re: Allow open relay from one LAN address
« Reply #4 on: January 30, 2009, 02:08:19 AM »
Thanks David. I'm paranoid about becoming and open relay and wanted to bounce this off someone more knowledgeable than me. I will test it.
Logged
...

Offline David Harper

  • *
  • 653
  • +0/-0
  • Watch this space
    • Workgroup Technology Solutions
Re: Allow open relay from one LAN address
« Reply #5 on: January 30, 2009, 02:12:55 AM »
Let us know how you get along. AFAIK incoming WAN SMTP requests are blocked by the firewall, although SSMTP is allowed.

In the end, if it doesn't work, reverse the change as shown:

Code: [Select]
config setprop qpsmtpd Authentication enabled
signal-event email-update

... and we will put our thinking caps on.
Logged

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: Allow open relay from one LAN address
« Reply #6 on: January 30, 2009, 02:26:51 PM »
Quote from: David Harper on January 30, 2009, 02:12:55 AM
Let us know how you get along. AFAIK incoming WAN SMTP requests are blocked by the firewall, although SSMTP is allowed.

No, incoming WAN SMTP is permitted - that's how email addressed to your domain arrives. Mail relaying, however, is not permitted from the WAN connection, i.e. mail for other domains is not accepted.
Logged

Offline David Harper

  • *
  • 653
  • +0/-0
  • Watch this space
    • Workgroup Technology Solutions
Re: Allow open relay from one LAN address
« Reply #7 on: January 31, 2009, 12:57:38 AM »
Ah, that makes sense :)
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: Allow open relay from one LAN address