SMTP authentikace na smtp.quick.cz
Dan Ohnesorg
Dan na ohnesorg.cz
Čtvrtek Červenec 17 10:00:15 CEST 2003
Dne Thu, Jul 17, 2003 at 09:19:18AM +0200, Kovar Jan napsal:
> Mozna ted budu za blbce, ale trosku mi neni jasne, proc by se mel postfix
> authentifikovat (hrozne slovo).
> Ciste teoreticky:
> uzivatel franta z me domeny domena.cz posila mail na jirka na jinadomena.cz
> Postfix to prijme, z DNS si vytahne MX pro jinadomena.cz
> Pokud ten MX je quick.cz, tak to neni relaying. Pokud neni, tak s tim
> quick.cz nema co delat a neni potreba nastavovat authentifikaci.
> Ledaze byste mel nastaveny postfix tak, ze vsechno pere na smtp.quick.cz. Je
> duvod to takhle delat?
Samozrejme zasadni duvod je, ze mnoho lidi ma i v dnesni dobe nepermanentni
pripojeni k internetu. A dorucit postu do exotickych domen muze byt jednak
chvilemi nemozne a jednak casto zdlouhave. To nakonec neplati jen pro
exoticke domeny, spousta ceskych firem si nemuze dovolit vice nez 128 linku
a pak ji ma v pracovni dobe tezce pretizenou.
Takze pro takoveho uzivatele je idealni, kdyz si nastavi smart hosta a
vsechno napere na prvni server, ktery ma nejblize a necha ho pracovat za
sebe.
Jinak zapina se to timhle:
# SMTP CLIENT CONTROLS
# The smtp_sasl_auth_enable parameter controls whether authentication
# is enabled in the Postfix SMTP client. By default, the Postfix SMTP
# client uses no authentication.
#
#smtp_sasl_auth_enable = yes
smtp_sasl_auth_enable = no
# The smtp_sasl_password_maps parameter specifies the names of lookup
# tables with one username:password entry per remote hostname or
# domain. If a remote host or domain has no username:password entry,
# then the Postfix SMTP client will not attempt to authenticate to
# the remote host.
#
# The Postfix SMTP client opens the lookup table before going to
# chroot jail, so you can leave the password file in /etc/postfix.
#
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
# The smtp_sasl_security_options parameter controls what authentication
# mechanisms the local Postfix SMTP client is allowed to use. The
# list of available authentication mechanisms is system dependent.
#
# Specify zero or more of the following:
#
# noplaintext: disallow methods that use plaintext passwords
# noactive: disallow methods subject to active (non-dictionary) attack
# nodictionary: disallow methods subject to passive (dictionary) attack
# noanonymous: disallow methods that allow anonymous authentication
#
# By default, the Postfix SMTP client will not use plaintext passwords.
#
#smtp_sasl_security_options =
smtp_sasl_security_options = noplaintext
ale nezkousel jsem to.
zdravim
dan
Další informace o konferenci Sendmail