[CentOS] Per-user limits for port access

Thu Aug 21 12:00:36 UTC 2008
Jussi Hirvi <greenspot at greenspot.fi>

Alexander Dalloz (ad+lists at uni-x.org) kirjoitteli (21.8.2008 14:46):
> Pretty simple. If your intention is to define SMTP AUTH usage
> independent from shell access (i.e. by SSH)

Yes, though ssh access is not used by many users on this mail server. The
important thing is to allow for *all users* relaying from port 25 without
AUTH (of course as limited by the access list etc.).

> - side node: really think
> about whether it is a good idea to have user logins on your mail server

Do you mean ssh logins? I could actually consider limiting that. The easiest
way would probably be to edit (or remove) the shell declatarions in
/etc/passwd.

> - you should use sasldb as your SASL backend. You have to create the
> sasldb manually and this way you control who is permitted to relay remotely.

Ok, thanks I will take a look at this soon.

- Jussi

--
Jussi Hirvi * Green Spot
Topeliuksenkatu 15 C * 00250 Helsinki * Finland
Tel. & fax +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
jussi.hirvi at greenspot.fi * http://www.greenspot.fi