Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 02-23-2011, 11:08 PM   #1
Registered: Jun 2008
Posts: 57

Rep: Reputation: 0
Question qmail weakness needs to remove it

hi. we are using qmail as our MTA. Now the users are using outlook and web client. There is one important thing that i like to share with people here and request from the experts to suggest some solution. when using outlook you can just give someone's else name who has got an account in the same domain having same qmail server running and you will be receiving and sending on the behalf of that person rather you will be using his/her account. This is a great flaw. Now if someone is aware of that and knows how to correct it plz share his/her experience.
Old 02-24-2011, 04:14 AM   #2
Senior Member
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778
It sounds like the authentication is based upon network and not on a per user basis and the users are within the network OR you are inadvertently running an open relay. Typically one would use SASL authentication against a user database with passwords. I don't know much about qmail's authentication mechanisms, but I do know that qmail is old and has been unsupported for a long time. Unless there is an easy solution to this problem, I would recommend a more current MTA.
Old 02-24-2011, 05:06 AM   #3
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444

Rep: Reputation: 41
Originally Posted by aliabbass View Post
you will be receiving and sending on the behalf of that person rather you will be using his/her account.
I can understand that you will be sending email using that person's account. I would be surprised if you could receive that person's email without their password.

Email applications can use smtp auth to enforce the use of a password when sending email. Go to and do a search for smtp auth. You will see some options.

I would recommend setting up a test server and getting smtp auth to work on it first. You should only modify your production server when you have everything working properly.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
qmail-remove prashantbhushan Linux - Networking 0 07-22-2006 02:53 AM
Fatal weakness in Linux cov Linux - Software 71 07-05-2005 04:13 AM
Remove qmail Lostboys Linux - Software 1 04-20-2005 07:25 AM
how to remove qmail ? zapperabhi Linux - Software 5 11-16-2004 08:34 AM
qmail +qmail-qfilter + problem countcobolt Linux - Networking 0 07-08-2004 11:29 AM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 06:08 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration