On Thu, Oct 14, 2004 at 11:42:49AM -0500, gary quoth: > > > > added in open-smtp, and the roaming works fine. But when > > > > $RELAYCLEAR clear my open-smtp, and I check my emails, I can see > > > > the emails, but I can't see my IP in open-smtp. > > > > > > I've forgotten. If I close my email client, and reopen, my IP > > > appears in open-smtp. > > J> your IP only gets added when you authenticate, and since you're using imap, > J> you may not be authenticating very often. This is neither a problem with > J> bincimap or vpopmail, it's simply a drawback to using pop-before-smtp > J> authentication. > > J> Try using smtp auth instead, or in conjunction with > > another alternative is to use my modified script for Bruce's relay-control > with binc-imaps. It will auth you when logging on to binc..
That's just the problem---according to the IMAP spec (or IMAPS), there's a 30 minute time-out between when you authenticate and when non-traffic will force you to re-authenticate. What that means is that if you authenticate, according to the IMAP spec you don't have to re-authenticate for a very long time. You can come back 29 minutes and 59 seconds later to check that there are no new messages in your inbox, and the connection still exists, and you don't have to re-authenticate. On top of that, checking for new messages resets the timeout, so you could wait another 29 minutes and 59 seconds before checking again and you still wouldn't have to re-authenticate. Even well-configured and well-written imap-before-smtp programs (like Bruce's relay-control) only add you to the list of authenticated IP addresses when you authenticate (obviously). The problem is, programs like Bruce's relay-control can only decide that you are still authenticated based on when you send a username and password to the IMAP server---it doesn't (and can't, really) keep track of every single IMAP command. That means that while using relay-control, you're going to time out because you haven't re-authenticated after something arbitrary like 15 minutes, even though according to the IMAP spec every single communication in an already-authenticated IMAP session essentially re-authenticates you. This is why quitting and re-opening the mail client works---because you're forcing it to re-do the "send username and password" part of the IMAP conversation---but long-running IMAP sessions eventually become un-authenticated with respect to imap-before-smtp (like Bruce's relay-control). Pop3-before-smtp makes a *little* bit more sense than imap-before-smtp, but only because pop3 connections are not persistent, like imap connections are, so a good mail client will be re-authenticating periodically every time it checks for new mail, while an imap client knows it can just keep one connection open and not re-authenticate every time it checks for new mail. ~Kyle -- There is no more evil thing in this world than race prejudice . . . It justifies and holds together more baseness, cruelty, and abomination than any other sort of error in the world. -- H. G. Wells
signature.asc
Description: Digital signature
