From: Noel Jones (no email)
Date: Thu Mar 01 2007 - 17:55:57 EST
At 04:09 PM 3/1/2007, Trevor Antczak wrote:
>I run a mailserver for my company here (lite3d.com). Weıre a high tech type
>place, and most of our users have laptops and high speed networks at home.
>Theyıd like to be able to do work from home, but the problem is that most of
>them (us really) have Cox highspeed internet, which will not allow you to
>hook up to remote mailservers through its network. You have to send all of
>your mail through smtp.east.cox.net or it doesnıt leave their network (I
>suppose one could set up a mailserver that listens on a non-standard port
>and bypass this, but itıs probably not worth the effort).
There is a standard alternate port called the submission port,
587. Virtually all mail clients support sending mail to the
submission port, and it's very rare to see this port blocked.
There's probably a commented-out submission entry in your master.cf
you can use as a starting point.
The submission port is usually used along with TLS encryption and
SASL authentication to prevent abuse and to insure privacy.
If you enable the submission port with TLS and SASL for both internal
and external use, your users' laptops will be able to send mail
wherever they are without needing to select an alternate
config. You'll also want to use TLS for your POP3/IMAP server so
your users can read mail securely.
>Our mailserver is setup to reject mail that appears to be from lite3d.com
>but is not coming from a lite3d.com server. This is a perfectly normal and
>common setting, and I ordinarily support it, but itıs causing problems right
You did this by adding a check_sender_access map to your
configuration that has an entry similar to
lite3d.com REJECT
You can either delete this entry or create a whitelist for the cox
mail servers just prior to that check. Post your "postconf -n"
output for detailed instructions.
But if you enable the submission port you won't need to change this policy.
-- Noel Jones
|
|
|