Hi,
I host 2 domains. One server acts as the primary mail MX for both domains. I'd like to add the ability for me to relay mail through this host while remote and connected via WiFi to some other public network. The relaying ability needs to be authenticated, and encrypted. I don't want an open relay. And I don't want to force other MTAs to deliver mail bound for these 2 domains to either authenticate or do SSL/TLS.
In searching about sendmail plus SMTP-Authentication and STARTTLS, I thought I remembered coming across a link stating something like "..don't do this, unless your mailer just forwards to your ISP's MTA in something of a smarthost setup.." I lost the link before I could examine it closely. I suspect it had some cautionary warning about breaking the expected behavior of communication between MTA & MTA over port 25. Am I wrong in expecting that secure authentication is OK for relaying my mail through my host bound for some other domain?
And then I also found links describing smtps and ports 465 versus 587 (among the links that weren't years old). Is using port 587 the recommended way to do secure authentication? I assume sendmail can service both ports 25 and 587. And I assume MUAs can interface with port 587..
The handbook describes enabling SMTP Authentication. But I'm not sure those instructions included the secure half of secure authentication. Did I misunderstand what was written?
I expect it's recommended that sendmail use port 25 to accept mail bound for "this" domain, unauthenticated and unencrypted. I don't want to break what's already working. Just add secure auth for my own relay..
If there's a good up-to-date link to a how-to that anyone can point me to, I'd appreciate it.
Thanks in advance