-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Am Montag, 11.08.03, um 12:59 Uhr (Europe/Zurich) schrieb Tomasz Papszun:


If you want to prevent them from using non existing sender addresses from your domain, you can do it by creating a file (lookup table) for postmap(1), containing all allowed addresses with "OK" and another table containing your domainname with "REJECT".

If you want to prevent them from using sender addresses from other
domain, it's also possible with properly prepared config.

If you want to prevent them from using other (not their own) sender
addresses from your domain, you must use SMTP AUTH, I'm afraid.

--
 Tomasz Papszun   SysAdm @ TP S.A. Lodz, Poland  | And it's only
 [EMAIL PROTECTED]   http://www.lodz.tpsa.pl/   | ones and zeros.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Theoretically there is another possibility. Actually pop-before-smtp does nothing than watching the log file, picking the ip address of the pop client and putting this address for a certain time into a postmap for postfix. If you would use the user's email address as his pop3 login name (within a sql or ldap db, for example), one could take this information and write it into another postmap file. This would necessite some modification of the pop-before-smtp script, but I think it wouldn't be too hard to implement. It wouldn't be perfect, though: Imagine two users logged in at the same time. Under this situation each user could "abuse" the other user's email address.


For a really secure system, there is no way around smtp auth. pop-before-smtp relies on ip addresses. But what about NAT? Users coming from a private masqueraded network, could misuse your server at their pleasure, if one user from this network has logged into his pop3 account.

Regards

Marcel



-----BEGIN PGP SIGNATURE-----

iD8DBQE/N3/y1EXMUTKVE5URAjPsAKD1sVpkeqHSIcYnungYkuF/fNyumgCg7pmF
o2GTZhfgn7NnZ63P8HLSpEI=
=B+0b
-----END PGP SIGNATURE-----


-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Reply via email to