In order to prevent unauthorized people from using your Email server to send their messages, your Virtual Private Server requires that anyone sending Email through your server has a valid Email address and password for your server. SMTP-Auth is the new standard for Email server authentication, and provides excellent security with no management hassles. The way SMTP-Auth works is to incorporate a username/password authentication system into the SMTP server itself. This effectively eliminates the need to maintain a database of authenticated POP users, which reduces the hassle of maintenance and the associated security risks.

Virtual Private Servers that were set up before January 16, 2003 are set up to use the POP before SMTP anti-relay technique. This is an older method of authentication that uses a database of authenticated POP users to authorize SMTP access. While it is an effective anti-relay tool, SMTP-Auth is a better solution, and we recomend that VPS administrators encourage their customers to begin using SMTP-Auth instead of POP before SMTP.

The default for new Virtual Private Servers (set up after January 16, 2003) allows users to select either POP before SMTP or SMTP-Auth authentication as a convenience. The following optional sendmail configuration files are available as part of the Sendmail M4 Macros (run vinstall sendmail to install the M4 macros with the alternate configuration files).

SMTP-Auth is easy to use because it requires no maintenance on the server-side. All new FreeBSD Virtual Private Server accounts activated after January 16, 2003 will have SMTP-Auth and POP-before-SMTP enabled. Any Virtual Private Servers activated prior to January 16 will remain using their original POP-before-SMTP settings until you change them. The Sendmail M4 Macros include pre-built configuration files for using either SMTP-Auth only or both SMTP-Auth and POP-before-SMTP. When the macros are installed, you will find the configuration files in the ~/usr/local/sendmail/cf/cf/ directory.

For both POP-before-SMTP and SMTP-Auth, replace your default ~/etc/sendmail.cf with the one in ~/usr/local/sendmail/cf/cf/default.cf.

To use SMTP-Auth only, replace the default ~/etc/sendmail.cf file with the ~/usr/local/sendmail/cf/cf/default-auth-only.cf file.

If you are using procmail, you will need to use default-procmail-lda.cf or default-procmail-lda-auth-only.cf files, respectively.

Configuring Your E-Mail Client Program To Use SMTP-Auth

Different E-mail client programs will require different steps to enable SMTP-Auth. See our E-mail Client Configuration pages for instructions on how to configure your client to use SMTP-Auth. Because of the improved functionality of SMTP-Auth, we stronly recomend encouraging your users to migrate to the SMTP-Auth method.

Please note: the information on this page applies to ITS web hosting plans. It may or may not apply to other environments. If you are looking for a feature described here, or better support from your hosting provider, please consider hosting your site with ITS!

1555 N Naperville/Wheaton Road, Suite 107
Naperville, IL 60563
phone 630.420.2550
fax 630.420.2771