Centos 5.x again... Is there a way to limit port access on a per-user basis? My practical goal is to limit, who is allowed to use SMTP AUTH in Sendmail. Any possible solutions appreciated... Obviously, limiting by ip will not work, since the very purpose of SMTP AUTH is to enable mail relaying for trusted users from *anywhere*. - Jussi -- Jussi Hirvi * Green Spot Topeliuksenkatu 15 C * 00250 Helsinki * Finland Tel. & fax +358 9 493 981 * Mobile +358 40 771 2098 (only sms) jussi.hirvi at greenspot.fi * http://www.greenspot.fi
Jussi Hirvi schrieb:> Centos 5.x again... > > Is there a way to limit port access on a per-user basis? My practical goal > is to limit, who is allowed to use SMTP AUTH in Sendmail. Any possible > solutions appreciated... > > Obviously, limiting by ip will not work, since the very purpose of SMTP AUTH > is to enable mail relaying for trusted users from *anywhere*. > > - JussiPretty simple. If your intention is to define SMTP AUTH usage independent from shell access (i.e. by SSH) - side node: really think about whether it is a good idea to have user logins on your mail server - you should use sasldb as your SASL backend. You have to create the sasldb manually and this way you control who is permitted to relay remotely. Alexander
Jussi Hirvi wrote:> Is there a way to limit port access on a per-user basis? My practical goal > is to limit, who is allowed to use SMTP AUTH in Sendmail. Any possible > solutions appreciated... > > Obviously, limiting by ip will not work, since the very purpose of SMTP AUTH > is to enable mail relaying for trusted users from *anywhere*.You could use new ability of milter-greylist (from 4.0 version), that provides method to limit connections by any criteria, such as remote ip, sender/recipient address, authentication status and many more. You could extend configuration by using external helper, that can be reached by, for example, ldap or http protocols.