To increase the SMTP user authentication feature for QMail

This article describes how to allow QMail to add smtpd-auth functionality.

Software Requirements

System version: RedHat6.2

Required Software: 1, qmail-1.03 (www.qmail.org) qmail main package

2, Checkpassword (cr.yp.to/checkpwd.html) Let qmail use the system user authentication password Authentication package or Vpopmail (Www.inter7.com/vpopmail) Let QMail support MySQL and virtual host user authenticated password authentication package

3, QMAIL-SMTPD.C (WWW.NIMH.ORG/HACKS/QMAIL-SMTPD.C) qmail support SMTP certified patches or to http://www.elysium.pl/members/brush/download Qmail-smptd.patch

Principle Introduction

After the QMail system is installed, its SMTP is to allow anyone to send mail anonymously. However, this is often exploited by malicious spammers. Therefore, to avoid this problem, we install and configure the SMTP Password Authentication feature for QMail.

First, let's get to know what the relay rules are under SMTP.

Relay rules can also be understood as forwarding rules. When a user uses Telnet to port 25 (SMTP port), or sends a message using a MUA (user posting agent) such as Outlook, the server determines at the back end whether to allow forwarding (sending) the message, based on whether the recipient's domain name is within the permission.

In QMail, there is a configuration file called Rcpthosts (the file name originates from the RCPT TO command), which determines whether to accept a message. The message is accepted only if the domain name of the recipient address in a RCPT TO command exists in the rcpthosts file, or the message is rejected. If the file does not exist, all messages will be accepted. When a mail server forwards (relay) all messages, regardless of the recipient of the message and the recipient of the message, the mail server is referred to as open forwarding (relay). When the QMail server is not rcpthosts, it is open forwarded.

The easiest way to set your own server to be a non-open relay is to include all the domain names of your mail server (if the MX record of DNS is pointing to the machine). But to achieve the SMTP user roaming function, that is, any legitimate users of the network can send letters, only the use of rcphosts is difficult to operate, because it is not possible for each user to connect in to modify a rcphosts to include the sender domain name and IP, and then restart the qmail. Obviously, this method is not realistic. Don't worry.