FRAMINGHAM (01/31/2000) - We're a start-up with a distributed work force that needs to send Internet mail through our Unix mail server from a variety of locations, including sites that receive laptop IP addresses from a local DHCP server. Sendmail Inc. seems to control relaying based on domain name and/or IP addresses. We want to let our people send Internet mail through our server from their Windows laptops wherever they are. We don't want anyone else to use our mail server as a relay host. How can I perform user authentication without implementing a full virtual private network (VPN)?
Check out Sendmail information at sendmail.org, sendmail.net and sendmail.com.
The configuration FAQ at sendmail.net recommends that mobile users reconfigure their mail client to use the local site's mail server for sending mail. You also can set the "relay_local_from" parameter in Sendmail to let users get mail through your server based on their e-mail address. In the end, you will probably want to implement a VPN to authenticate and protect your network services. Until then, there are tools available to control Sendmail relaying by opening the service to users who have authenticated using a Post Office Protocol 3 (POP3) client. One tool, poprelayd, is available at www.cynic.net/~cjs/computer/sendmail/poprelay.html. This won't help at sites that don't allow POP3 clients to talk to servers outside their firewall, but it might be what you're looking for.
Blass is a network architect at Sprint Paranet in Houston. You can reach him at email@example.com.