The main mail protocol, SMTP has a hole in it: there is no verification of the sender. This allows spammers and others to pretend to be anyone they want. But with a little bit of effort, sendmail (for example) can be configured to use SSL and user verification. That way you can have your own SMTP-server accessible anywhere, without open relay.

There are also several new protocols for fixing SMTP problems:

• SPF
• SMTP authentication

Set it up

Now you do not want anyone to be able to use your mail server as spam-catapult. So you need sender verification in your postfix service.

Make sure your authentication service is running:

/etc/init.d/saslauthd status 

has to deliver

running

In /etc/postfix/main.cf, set

smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes

Restart Postfix

/etc/init.d/postfix restart

To prove it works, use kmail. Set "server requires password" in the outgoing mail account.

TroubleShooting

If you get an error message like

Error: authentication failed: generic failure

Make sure the saslauth daemon is running:

/etc/init.d/saslauthd restart

See also

• http://www.jonfullmer.com/smtpauth/