SMTP Server Authentication

In order to prevent unauthorized people from using your Email server to send their messages, your Virtual Private Server requires that anyone sending Email through your server has a valid Email address and password for your server. SMTP-Auth is the new standard for Email server authentication, and provides excellent security with no management hassles. The way SMTP-Auth works is to incorporate a username/password authentication system into the SMTP server itself. This effectively eliminates the need to maintain a database of authenticated POP users, which reduces the hassle of maintenance and the associated security risks.

The default for new Virtual Private Servers (set up after January 16, 2003) allows users to select either POP before SMTP or SMTP-Auth authentication as a convenience. The following optional sendmail configuration files are available as part of the Sendmail M4 Macros (run vinstall sendmail to install the M4 macros with the alternate configuration files).

• For both POP before SMTP and SMTP-Auth support, replace your default ~/etc/sendmail.cf file with the one in ~/usr/local/sendmail/cf/cf/default.cf.

• To use SMTP-Auth only, replace your default ~/etc/sendmail.cf file with the ~/usr/local/sendmail/cf/cf/default-auth-only.cf file.

• If you are using procmail, you will need to use the default-procmail-lda.cf or default-procmail-lda-auth-only.cf files respectively.

Configuring your Email Client Program to use SMTP-Auth

Different Email client programs will require different steps to enable SMTP-Auth. See our Email Client Configuration pages for instructions on how to configure your client to use SMTP-Auth. Because of the improved functionality of SMTP-Auth, we stronly recomend encouraging your users to migrate to the SMTP-Auth method.