We mention SMTP authentication and encryption in earlier chapters, and also mention several aspects of the other processing that happens when Exim sends or receives messages using SMTP. In this chapter, we describe how SMTP authentication and encryption works, and how you can configure Exim to make use of them. After that we go into some detail about general SMTP processing, for those that want to know more about the nitty-gritty.
The original SMTP protocol, designed for a small, cooperative network consisting mostly of fairly large, multiuser hosts, had no concept of authentication. All hosts were equal, and any host could send mail to any other for onward delivery as best it could. Today’s Internet is very different. The concept of servers and clients has arisen, and hosts that do mail relaying are servers that are configured to allow it to happen only when the mail arrives from an approved client.
One way of controlling relaying is by checking the sending host (as discussed in Section 13.9, in Chapter 13). For example, you might permit relaying only from clients on your local network, using a configuration such as:
host_accept_relay = 192.168.5.224/27
but that approach does not work in cases such as the following:
An employee with a laptop is away from base, and wants to be able to connect from arbitrary locations and send outgoing mail via the server back at home. Even without a laptop, someone ...