qmail-smtpd-auth-secure is a patch for qmail that enables it to support SMTP AUTH in a truly secure manner.

This patch allows a forced SMTP AUTH no matter the source IP of the sender, but only for local hosted domain users.
Further more it only allows messages which have the same MAIL FROM: and SMTP AUTH user to avoid sender misrepresentation.

If you want to learn more about SMTP AUTH itself, then visit this SMTP AUTH page.


12.04.2007 - initial release

08.08.2007 - release 02: correct rctphost validation for qmail-autoresponder (also current release)

Getting qmail-smtpd-auth-secure:

Click on a filename below to download the distribution:


Installation procedure and usage:

First, you must apply Krzysztof Dabrowski's qmail-smtpd-auth patch to enable authenticated SMTP in qmail-smtpd. Notice how shamelessly I have ripped off the format of Krzysztof's website! Then, apply the qmail-smtpd-requireauth patch on top of Krzysztof's patch.

Then simply apply this patch into the qmail source directory:

patch < qmail-smtpd-auth-secure.patch

This way, in your tcp.smtp file you can have something like:


Contact information:

If you have any question, comments, improvements regarding qmail-smtpd-auth-secure use opensource@camscape.ro . I'm really asking you guys to send all the enhancements you make so they can be used by all others.


We (CAMSCAPE SERVICES) are experts in professional IT outsourcing and development based on open-source technologies.

Many thanks to Cristian Mantea and Traian Zvirid who contributed to this patch release.

Distribution terms:

This patch is in public domain. Do what you want with it.