VPS Technical Support : SMTP Server Authentication

Experiencing a Technical Difficulty?

- Submit Trouble Report

- Send Email to Support

- Support Library

Subscribe to Email Announcements

SMTP Server Authentication

In order to prevent unauthorized people from using your Email server to send their messages, your Virtual Private Server requires that anyone sending Email through your server has a valid Email address and password for your server. SMTP-Auth is the new standard for Email server authentication, and provides excellent security with no management hassles. The way SMTP-Auth works is to incorporate a username/password authentication system into the SMTP server itself. This effectively eliminates the need to maintain a database of authenticated POP users, which reduces the hassle of maintenance and the associated security risks.

Virtual Private Servers that were set up before January 16, 2003 are set up to use the POP before SMTP anti-relay technique. This is an older method of authentication that uses a database of authenticated POP users to authorize SMTP access. While it is an effective anti-relay tool, SMTP-Auth is a better solution, and we recomend that VPS administrators encourage their customers to begin using SMTP-Auth instead of POP before SMTP.

The default for new Virtual Private Servers (set up after January 16, 2003) allows users to select either POP before SMTP or SMTP-Auth authentication as a convenience. The following optional sendmail configuration files are available as part of the Sendmail M4 Macros (run vinstall sendmail to install the M4 macros with the alternate configuration files).

For both POP before SMTP and SMTP-Auth support, replace your default ~/etc/sendmail.cf file with the one in ~/usr/local/sendmail/cf/cf/default.cf.

To use SMTP-Auth only, replace your default ~/etc/sendmail.cf file with the ~/usr/local/sendmail/cf/cf/default-auth-only.cf file.

If you are using procmail, you will need to use the default-procmail-lda.cf or default-procmail-lda-auth-only.cf files respectively.

Configuring your Email Client Program to use SMTP-Auth

Different Email client programs will require different steps to enable SMTP-Auth. See our Email Client Configuration pages for instructions on how to configure your client to use SMTP-Auth. Because of the improved functionality of SMTP-Auth, we stronly recomend encouraging your users to migrate to the SMTP-Auth method.