Summary: Update of Verio's SMTP Server Authentication Protocol for Virtual Private Servers.
Keywords: 2385, VPS SMTP, SMTP-Auth, POP-before-SMTP, Sendmail M4 Macros,
Description: a description goes here
In order to prevent unauthorized people from using your Email server to send their messages, your Virtual Private Server requires that anyone sending Email through your server has a valid Email address and password for your server.
Until recently, your Virtual Private Server relied on the POP before SMTP method, which used a file named relayers.db to store the originating IP address and username of anyone who sucessfully used POP to check their email. If a message came to the SMTP server from a stored IP address and username, the SMTP server would deliver the message without any problems. While this method is effective, there are some weaknesses in it, including the inconvenience of managing the relayers database.
| SMTP-Auth |
 |
|
|
SMTP-Auth is the new standard for Email server authentication, and provides better security with no management hassles. The way SMTP-Auth works is to incorporate a username/password authentication system into the SMTP server itself. This effectively eliminates the need to maintain a database of authenticated POP users, which reduces the hassle of maintenance and the associated security risks.
As a transitional step, both POP before SMTP and SMTP-Auth are built in to your Virtual Private Server, although we strongly recomend you switch to the new system as soon as possible. Because some older Email client programs do not support the SMTP-Auth system, you may need to upgrade your Email client software during this transitional period.
| Usage |
|
|
|
SMTP-Auth is easy to use because it requires no maintenance on the server-side. All new FreeBSD Virtual Private Server accounts activated after January 16, 2003 will have SMTP-Auth and POP-before-SMTP enabled. Any Virtual Private Servers activated prior to January 16 will remain using their original POP-before-SMTP settings until you change them. The Sendmail M4 Macros include pre-built configuration files for using either SMTP-Auth only or both SMTP-Auth and POP-before-SMTP. When the macros are installed, you will find the configuration files in the ~/usr/local/sendmail/cf/cf/ directory.
In order to enable both POP-before-SMTP and SMTP-Auth, replace your ~/etc/sendmail.cf with the ~/usr/local/sendmail/cf/cf/default.cf.
To use SMTP-Auth only, replace the ~/etc/sendmail.cf file with the ~/usr/local/sendmail/cf/cf/default-auth-only.cf file.
If you are using procmail, you will need to use the procmail enabled versions of the configuration files (default-procmail-lda.cf or default-procmail-lda-auth-only.cf.
| Configuring your Email Client Program to use SMTP-Auth |
|
|
|
Different Email client programs will require different steps to enable SMTP-Auth. See our Email Client Configuration pages for instructions on how to configure your client to use SMTP-Auth. Because of the improved functionality of SMTP-Auth, we stronly recomend encouraging your users to migrate to the SMTP-Auth method.