how to allow ANY username & password combo for SMTP Authentication

how to allow ANY username & password combo for SMTP Authentication

am 19.12.2007 14:18:41 von Jimojo

Hi Everyone,

I am trying to setup sendmail using SMTP Authentication to allow ANY
username and password combo sent to it to be correctly authenticated.

I know this seems stupid to do this but we operate a hotspot system
and we dont want people to have to disable SMTP Autnetication to use
our mail server (it automatically redirects all port 25 requests to
our server)

Currently as it stands it redirects to our mail server but wont
authenticate (for obvious reasons)

We want to overcome this by allowing any username and password combo
sent to the mail server.

Does anyone have any idea on how to do this?

Any help you guys can give me would greatly be appreciated.

Re: how to allow ANY username & password combo for SMTP Authentication

am 19.12.2007 21:03:03 von gtaylor

On 12/19/07 07:18, Jimojo wrote:
> I am trying to setup sendmail using SMTP Authentication to allow ANY
> username and password combo sent to it to be correctly authenticated.

Ok... (Understood, and your motivations seem valid.)

> Does anyone have any idea on how to do this?

I would consider attempting to configure Sendmail to use SASL to
authenticate and then have SASL go through a different SASL back end
that will in its self return "true" (or what ever the SASL nomenclature
is) to any login attempts. Thus a stock Sendmail configuration will
allow any user name and password. I think this would be much easier
than altering Sendmail it's self and worrying about bugs introduced in
the process. There may also be other uses for such an SASL back end.
Heck, there may already be such an SASL back end.



Grant. . . .

Re: how to allow ANY username & password combo for SMTP Authentication

am 19.12.2007 21:42:12 von Kees Theunissen

Jimojo wrote:
> Hi Everyone,
>
> I am trying to setup sendmail using SMTP Authentication to allow ANY
> username and password combo sent to it to be correctly authenticated.
>
> I know this seems stupid to do this but we operate a hotspot system
> and we dont want people to have to disable SMTP Autnetication to use
> our mail server (it automatically redirects all port 25 requests to
> our server)
>
> Currently as it stands it redirects to our mail server but wont
> authenticate (for obvious reasons)
>
> We want to overcome this by allowing any username and password combo
> sent to the mail server.

Are you transparently redirecting all clients to your server? Even when
a users thinks he/she is authenticating against his/her own server?

Are you aware that such a setup will break everything that a user
expects to be present on the user's (company) mail server.

SPF, if configured for the sender's domain, will fail for sure.
Other things that might be implemented on the user's server -and
that will fail in your setup- include, and are not limited to:
-- central logging of outbound mail
-- central archiving of outbound mail
-- addition of disclaimers and the like
-- signing and/or encrypting of outbound mail
-- DKIM or other sender (sending domain) verification methods.


Regards,

Kees.

--
Kees Theunissen.