Let's try that again - sorry TAB is not a good key to use in Phorum

Gordon Rowell wrote:
> Andy K wrote:
>
>> We need to configure our server to relay from a couple
>> specific domains. Several employees use another ISP to
>> access their email accounts on our server and we want to
>> allow them to send through our e-mail server. How could
>> we do this?
> [...]
This is actually far less trivial to implement securely than it
seems. What you don't want to do is to make your box an open SMTP
relay.
I'm assuming that your employees are using SMTP directly to your box,
and that is what you need relayed. If not, why not just use the ISP's mail
relay, as they have to allow relaying for their client IP addresses?
If your employees have static IP addresses at the other ISP, you
can add them to the qmail-smtpd entry in /etc/hosts.allow by doing the
following:
- modify the qmail-smtpd template entry which uses $localAccess
(i.e. the one which sets RELAYCLIENT
- add a comma and the IP address of the remote machine
- do a console-save to update the file.
- run tcpdchk to check /etc/hosts.allow
- test
If they have dynamic addresses at the ISP you need to implement another
form of authentication as adding the IP addresses will allow _anyone_ from
the ISP to relay via your host - *DON'T* do this.
www.qmail.org has a few ways of doing selective relaying.
Gordon