Re: [exim] Security

Etusivu
Poista viesti
Vastaa
Lähettäjä: Brian Spraker
Päiväys:  
Vastaanottaja: exim-users
Aihe: Re: [exim] Security




----- Original Message ----
From: The Doctor <doctor@???>
To: Brian Spraker <spraker@???>
Sent: Mon, March 7, 2011 2:09:13 PM
Subject: Re: [exim] Security

On Mon, Mar 07, 2011 at 08:38:52AM -0800, Brian Spraker wrote:
>
>
>
>
> ----- Original Message ----
> From: The Doctor <doctor@???>
> To: exim-users@???
> Sent: Mon, March 7, 2011 10:06:09 AM
> Subject: [exim] Security
>
> Next question who be security is nice and high but
> someone sending outside my LAN get rejected.
>
> How is that fixed with compromising security?
>
> -- 
> Member - Liberal International    This is doctor@??? Ici 
> doctor@???
> God, Queen and country! Never Satan President Republic! Beware AntiChrist 
> rising! 

>
> http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
> Now is the time time to declare your allegiance!
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
> Not really sure what you mean. I understand you want to allow a person that
>has
>
> an e-mail account on your system - that is outside your network - to be able to
>
> send a message through your system?
>
> Brian S.
> BsnTech Networks
> http://www.bsntech.com
>
>
>
>
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/


Right,

someone from outside the LAN is trying to send e-mail.

We control the domain from inside the lLAN
but exim is rejecting the e-mail because it is originating
from outside the LAN.

-- 
Member - Liberal International    This is doctor@??? Ici 
doctor@???
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 


http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Now is the time time to declare your allegiance!

This means that you will need to setup authentication parameters in your
configuration file. Then, those that are trying to connect will have to ensure
they set the "My Server Requires Authentication" (or something like that) in
their e-mail clients. That way when they attempt to send a message, the e-mail
client will know it needs to send authentication information before the message
can be sent.

In my Exim configuration file, I have this:

  accept
    authenticated = *


Then at the bottom of the config file (in my case), you'll need to specify your
authentication techniques:

begin authenticators

plain:
    driver = plaintext
    public_name = PLAIN
    server_set_id = $2
    server_condition = <condition here>
    server_advertise_condition = true


login:
    driver = plaintext
    public_name = LOGIN
    server_prompts = "Username:: : Password::"
    server_condition = <condition here>
    server_set_id = $1
    server_advertise_condition = true


>From there, I'm not sure how you have your authentication techniques setup, but

it depends on them entering a proper username/password to authenticate.

Brian S.
BsnTech Networks
http://www.bsntech.com