... dont do that, makes no sense ... dozends are not much if sombody cant connect, he will contact you by phone etc anyway if you mailed them before thatMessage 1 of 54 , Dec 3 11:39 PMView SourceAm 04.12.2012 08:20, schrieb Tomas Macek:
> On Tue, 4 Dec 2012, Reindl Harald wrote:dont do that, makes no sense
>> Am 04.12.2012 07:58, schrieb Tomas Macek:
>>>> 2) why would you setup a submission service that doesn't require auth
>>>> from MUAs?
>>> It's because they never had to. It is a historical problem. Now we
>>> have thousands of customers, that never had to
>>> authenticate, so there is no power to force them to do it now.
>> than you have lost any game
> Still hope I didn't. My roadmap:
> 1) split 25 and 587 with permit_mynetworks on 587 and thus allow the
> people without auth to send their email to 587
> 2) by means of prerouting rule of iptables redirect sending emails from
> $mynetworks to 587
>dozends are not much
> 3) the rest of the users are the ones, that travel with their notebooks
> around country and change providers and they will have to reconfigure
> their computers. There is no other chance. These are dozens.
if sombody cant connect, he will contact you by phone etc
anyway if you mailed them before that things gonna change and what to do
you may stay cool cause you gonna get them to better mail service
if you have autoconfigure setup for thunderbird and outlook, its no big
thing for users to change, just two clicks, existing webmail should work
MfG Robert Schetterer
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich
... Or better yet: replace it with postscreen. ... To clarify, I meant that if those Outlook Expresses are not yet compromised by malware, they will be, soon.Message 54 of 54 , Dec 4 5:58 AMView SourceOn Tue, Dec 04, 2012 at 07:46:10AM -0600, /dev/rob0 wrote:
> On Tue, Dec 04, 2012 at 11:59:01PM +1300, Peter wrote:Or better yet: replace it with postscreen.
> > I would still also set up port 587 on the mail.example.com
> > IP as submission as well and try to encourage your users (at
> > least the ones you can) to use port 587 from now on.
> What I would do, on Linux with IPv4 only, is create the submission
> port and use an iptables redirect for the alternate IP address:
> # iptables -vt nat -A PREROUTING -p tcp --dport smtp -d \
> mail.example.com -j REDIRECT --to-port submission
> This saves the overhead (system and administrative) of running
> another smtpd on [mail.example.com]:25; he can leave his "smtp ...
> smtpd" service alone in master.cf.
> I should also add as a reply to Stan in the other subthread: lookTo clarify, I meant that if those Outlook Expresses are not yet
> above at the first quoted paragraph: "Outlook Expresses setup with
> ... default configuration."
> Yikes, bad news, very bad. If not doing content filtering nor
> policy limitation of submission now, he will be soon. And possibly
> losing his job in any case. Tomas is not in a good place right now.
compromised by malware, they will be, soon.
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: