Mailing List SIMS@mail.stalker.com Message #13552
From: Global Homes Webmaster <webmaster@globalhomes.com>
Subject: Re: Setting up a backup mail server
Date: Wed, 3 Sep 2003 10:08:05 -0700
To: SIMS Discussions <SIMS@mail.stalker.com>
X-Mailer: Mailsmith 2.0.1 (Blindsider)
On 09/03/03 at 10:55 -0500, NetHead opined:

> Sorry to keep on about this, but I have a few more questions that have
> come up.

Just to refresh my memory, you're setting up a SIMS server as an outgoing
SMTP relay for your network, with a W*Mail server for incoming mail, right?

> I'm assuming it's safe to shut down ALL POP channels on the secondary
> server. Since I don't want to actually receive mail there, there's no
> need for POP access, right?

Correct. And from a security point of view, it's safer to have the POP
server shut down -- it's one less entry point into your system.

> On the SMTP setup, I assume I set up as many sending channels as I want
> (at least one, right?) And I need at least one receiving channel?

If you want your users to be able to use the server as an SMTP relay, then
yes, it needs channels for both receiving messages and sending them on to
their destinations. How many channels you enable, both incoming and
outgoing, depends on how many users you have and the likelihood of two or
more of them trying to send messages simultaneously.

> Do I "Advertise AUTH Capability"?

If you don't have any accounts, then no one will have usernames/passwords
to authenticate with and there's no point in advertising AUTH. It would
probably only encourage enterprising spammers to try to guess passwords.

> What about "Allow ETRN for Clients Only" (there's only one client,
> the "Postmaster", so do I need this)?

'Postmaster' is an account, not a client. 'Clients' are hosts whose IP
addresses are in the 'Client Hosts' list. And, yes, I'd enable 'Allow ETRN
for Clients Only', although if there are no accounts on the server to
accept and hold mail, it doesn't really matter. No need to encourage the
riff raff unnecessarily, though.

> What about blacklists? Do I use the same blacklists from my primary? Or
> do I not worry about it?

Same answer as before. If your SIMS server doesn't accept incoming mail,
there's no need for it to use any blacklists.

> I assume I "Relay for clients only" so I'm not providing an "open
> relay";

Absolutely!

> so do I need to put it the same client IP list?

You need to put IP addresses in the client hosts list of any and all hosts
you wish to allow to relay through the server. Since you won't have any
accounts set up, no one will be able to authenticate SMTP sessions using
either SMTP AUTH or POP-before-send so, as long as 'Relay for Clients Only'
is enabled, the _only_ way anyone will be able to relay messages is if
they're sending from an IP address that's in the client hosts list.

--
                   Christopher Bort | cbort@globalhomes.com
            Webmaster, Global Homes | webmaster@globalhomes.com
                      <http://www.globalhomes.com/>
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster