In this document some hacks are described to provide less sophisticated forms of authentication which do not use SMTP AUTH. The best of these methodes is called POP-before-SMTP.
Log2db is a simple tool that watches a log-file and scans for specific entries (those entries are specified with a regular expression). It inserts the entries found into a Berkeley database for a specified amount of time, after which the entries are deleted from the database again.
This functionality is exactly what is needed for a POP-before-SMTP solution on a host which is running sendmail and a pop daemon, and perhaps also a combination of other servers.
HACK(`popauth')Notice If you use sendmail 8.10 (or beyond), the default for this hack is to require a tag (POP:) for each entry in the map. To turn this off, you need to use:
define(`POP_B4_SMTP_TAG', `') HACK(`popauth')
The old HACKs for 8.8 have an option _POPAUTH_
relay_local_from Allows relaying if the domain portion of the mail sender is a local host. This should only be used if absolutely necessary as it opens a window for spammers. Specifically, they can send mail to your mail server that claims to be from your domain (either directly or via a routed address), and you will go ahead and relay it out to arbitrary hosts on the Internet.However, sendmail 8.10 and later versions provide a slightly better feature:
relay_mail_from Allows relaying if the mail sender is listed as RELAY in the access map. If an optional argument `domain' is given, the domain portion of the mail sender is checked too. This should only be used if absolutely necessary as the sender address can be easily forged. Use of this feature requires the "From:" tag be prepended to the key in the access map; see the discussion of tags and FEATURE(`relay_mail_from') in the section on ANTI-SPAM CONFIGURATION CONTROL.