force smtp auth

Doug McComber doug.mccomber at
Tue Feb 13 00:32:28 UTC 2007

On 2/12/07, Jeffrey Goldberg <jeffrey at> wrote:
> On Feb 11, 2007, at 8:27 PM, Doug McComber wrote:
> > This is for a web server that runs Drupal.  I don't use the server for
> > email as I have that hosted elsewhere. I just want Drupal to be able
> > to send email (from localhost) via smtp auth. This is working right
> > now except mail can also be sent without using smtp auth.
> I'm not entirely sure what you are asking.  Is all the mail that
> Drupal sends from localhost?  That is, is there a need for Drupal to
> listen on port 25 (or 587) at all?   If there is no need for
> listening, then sendmail should be set up as a client only and listen
> only to localhost.  I don't work with sendmail on FreeBSD so I can't
> say exactly how you do this, but getting something like
>   DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')
> in the .mc source for your should tell it to listen to
> daemon host.
> If you do want to connect to the machine remotely and have it relay
> mail for you, then having something like
>   DAEMON_OPTIONS(`Name=MSA, Port=587, M=E')
> in the mc file that is the source for your file should do
> the trick.  That tells sendmail to listen on port 587 (smtp
> submission port) and require authentication.  The M=E is what
> requires the authentication.
> Don't add that by hand, it is already nicely set up if  you use
>    FEATURE(`msp')
> If you want to force authentication even on localhost connections,
> then I guess something like
>   DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA, M=E')
> should do the trick.
> Poking around I see that the src mc file is /usr/src/etc/sendmail/
> However, there is a good chance that I've answered the wrong
> question, because I'm not sure what it is that you are after.
> And someone who is familiar with managing sendmail on FreeBSD will be
> able to tell you the FreeBSD way of doing things.
> -j
> --
> Jeffrey Goldberg              
Thanks Jeffrey.  What I'm after is that I want sendmail to require
smtp auth regardless of who what or where.  This is because I am only
using sendmail on this server for php content management systems
(drupal) to send verification emails.  But, the reality is that over
time a#$%oles will find a new security flaw in php and/or the cms and
use my server to send spam (or worse).  So, with smtp auth required
for ALL smtp connections I can (hope to) stop this from happening.
Anyway, what worked to force smtp auth was M=Ea.

Thanks again,

More information about the freebsd-questions mailing list