> Matti Haack <[EMAIL PROTECTED]> schreibt: >>MD> As for ASSP, could it be an option to use the connection IP or >>the header >>Spam headers are usually forged to prevent easy tracking - so this is >>not a helpful solution. >>The recived header is inserted by any processing mailserver and could >>consits any IP-Adress. So only the unforgeble IP Adress from the >>connction should be used. > > hm, if ASSP is running behind an other server or proxy, we have good > control and knowledge about the border-ip.
that's the point **I** know my border router, so i can tell you for sure to strip that one and only received line. It can be my border gateway, it can be a dedicated firewall or an antivirus blackbox. ASSP is a tool for postmaster, and that option is a commodity to strip the first received when you know *YOU* added it. No way to forge it. That's nothing wrong to have assp on the internal net, and a firewall doing the forward to a host on the internal lan, even on a different port. it's not a security problem. It's a security enhancement. well, a smart option would be NOT a checkbutton 'strip one line' but a box where you put the actual line to strip [you can't because of the date-time part], or at least you tell the IP to strip. ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
