Topic: Authentication with a Qmail smarthost

[Yvick]

Hello All,

I've been doing some reading on Qmail and I am starting to understand how it all fits together on an SME server (running 6.5RC1 at the moment).

However, I am unable to figure out how to implement outgoing security (authentication) on my ISP SMTP server which I want to use to relay all my mail (the reason for this is that many SMTP servers use reverse DNS queries as an antispamming method, and I host my server behind a dynamic IP, and apparently the ISP does not publish a reverse lookup zone for its public IP range).

One can redirect outgoing SMTP connections to a delegate server easy with the server-manager console, but no amends are made for authentication...

Any ideas ?

Cheers,

Yvick

[stefan24]

I am unable to figure out how to implement outgoing security (authentication) on my ISP SMTP server which I want to use to relay all my mail

With 6.01 you have no luck (at least not with legally  available solutions), but with 6.5 RC1 you can use the SMTP Proxy:

Quoting Charlie Brady:

The e-smith-email RPM included in 6.5beta1 includes an
an SMTP authentication proxy. The server can be configured so that qmail uses this proxy for all outgoing SMTP connections. Mitel made this software available in e-smith-email-4.15.1-06 in the devel directory on the various mirrors, and Shad has picked that version up as the basis for his work on 6.5.

Because qmail has not been modified in any way, there's no legal restriction on distribution of this solution.

As I understand it, there is no panel support for this feature. To enable it from the command line, do:

config setprop smtp-auth-proxy status enabled
config setprop smtp-auth-proxy Userid aaaaa
config setprop smtp-auth-proxy Passwd xxxxxxxxx
config set SMTPSmartHost smtp.your.isp
signal-event email-update


--------------

I tried that with 6.01 and some new RPMs with no luck, but with 6.5 it worked perfectly.

[Yvick]

Hello again,

I have finally figured out how this all works. However, I am in France on a wanadoo DSL link, the SMTP server resolves funny with this provider so I have to use its IP.

When I use the IP I get a "This server does not accept authentication" message as stated in the last part of the smtp-auth-proxy.pl perl script.

It's a huge bummer 'caus the same setup works with Outlook Express: ie I am able to relay once authenticated.

Your thoughts on this ?

Thanks again.

Yvick

[CharlieBrady]

Hello again,

I have finally figured out how this all works. However, I am in France on a wanadoo DSL link, the SMTP server resolves funny with this provider so I have to use its IP.

When I use the IP I get a "This server does not accept authentication" message as stated in the last part of the smtp-auth-proxy.pl perl script.

It's a huge bummer 'caus the same setup works with Outlook Express: ie I am able to relay once authenticated.

Are you using port 25 for Outlook Express, or port 587? Google suggests that you need to use port 587 for auth SMTP access to wanadoo. If that's the case, you'll need to modify the smtp-auth-proxy.pl script.

[Yvick]

Used port 25 on my OE test. Worked fine. Can't telnet to port 587 on smtp.wanadoo.fr.
I am at a loss ...

[CharlieBrady]

Used port 25 on my OE test. Worked fine. Can't telnet to port 587 on smtp.wanadoo.fr.
I am at a loss ...

What do you see if you telnet to port 25 from your server, and type "ehlo foo"?

Your next step might be collecting a packet trace when smtp-auth-proxy.pl tries to talk to wanadoo, and when OE tries to talk to wanadoo.

Do wanadoo document their authe requirements anywhere?