Home Download News FAQ / Knowledge Base Screenshots Documentation Support Site map
philosophical imaginary
Table of Contents

Configuring Relaying

If your system is behind a DSL line or not public available IP address, you need to configure a Mailserver you will send the mail out via. Citadel offers this in:

Administration->Domain names and Internet mail configuration->Smart hosts

Depending on your situations this can be several items.

Identification / Authentication

Since relay access usualy must not be available to the public (since its abused to send spam) the relaying mailserver has to be protected from alowing random persons on the internet doing a relay. If your server sends via a VPN, or is always coming from a defined IP, alowing relay access for this ip may be a solution.

If not, or if using public servers not under your control specifying username / password is the way to go. The syntax herefore is:

username:password@yourrelay.com:portnumber
  1. Portnumber defaults to 25; can be ommitted.
  2. yourrelay.com the hostname. If you know that the IP of your relay doesn't change, you should directly configure an IP here. This reduces the risk of failure if i.e. the DNS is unavailable.
  3. Password: your secret. If it contains special characters (:@ and so on) you have to URL-encode them @ → %40 : → %3A
  4. Username: The user on the system. If it contains special characters (:@ and so on) you have to URL-encode them @ → %40 : → %3A
  5. you may use i.e. http://meyerweb.com/eric/tools/dencoder/ to do the URL encoding for you; Please note you should only submit the nonsecret parts for security reasons.

TLS/SSL

Currently citadel itsel does not support TLS on this way on its own. There is a workaround for this:

http://stunnel.org

All modern distributions ship stunnel; on some the package is named stunnel4 - since version 3 is also available but has no config file.

here is a sample stunnel configuration to configure a gmail relay: (put them i.e. to /etc/stunnel4/smtprelay.conf)

sslVersion = SSLv3

chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4

pid = /stunnel4.pid

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

client = yes

[ssmtprelay]
protocol = smtp
accept  = 127.0.0.1:8025
connect = smtp.googlemail.com:25

Once you restart stunnel, you should find it binding port 8025 for you to relay:

netstat -alnpt |grep stunnel
tcp        0      0 127.0.0.1:8025          0.0.0.0:*               LISTEN      17523/stunnel4  

now you configure this relay in citservers Smart Host tab:

somebody%40gmail.com:opensesame@127.0.0.1:8025

now you should be able to test your relay.

Configuring per user Relay

this is an unrelased feature - it will be part of citadel 8.2x So maybe you're only allowed to send mails as the user that was authenticated for relaying - which may be not nice if you have several users using your system. This setup is a little more complicated. Follow these steps.

  1. collect all relay domains you're going to send mails via, add them to Masqueradable domains.
  2. configure several relay addresses like this: somemailaddress@somewhere.org username:password@relayhost (please note the blank between email and relay)
  3. edit the users personal vcard, add somemailaddress@somewhere.org to his email addresses.

Once the user chooses somemailaddress@somewhere.org as his sender, this relay will be used.

Copyright © 1987-2014 Uncensored Communications Group. All rights reserved.     Login (site admin)