Mike O'Connor writes:
There is no such thing as "from the account they authed with?" Their account information serves solely to grant relaying privileges to their current IP address. Their IP address is an atomic unit that is not divisable into any discrete entities called "accounts."Is there a way to configure courier such that when a remote user does smtp auth, they are only allowed to relay messages from the account that they authed with?
How exactly does their authentication suddenly gives them ability to send E-mail that originated from some other, randomly chosen, IP address? Of course if they, themselves, are running an open relay then they will be using your box as an output stage of an open relay. It's their fault, and if you catch them doing it, cut off their mail access until they finally figure out what they're supposed to do on the Internet, and learn enough to be able to secure their machines properly.I beleive that in the standard configuration, once a user has authed against the SMTP server, the server essentially becomes an open relay for them and they can send messages to and from anyone they want.
-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing Certificate is essential in establishing user confidence by providing assurance of authenticity and code integrity. Download our Free Code Signing guide:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
