Re: [IMail Forum] Store and forward or backup mail spooler

Sat, 06 May 2000 09:11:19 -0700 


>We have a customer with an exchange server. They are going to use DSL, but
>not for 30-60 days or so.

DSL into your isp or through a CLEC?  If elsewhere, then get the DSL client 
to request a fixed ip from his DSL ISP and your pb is solved. Imail 
SMTPSecurity:relay for addersses: to inlude the DSL ip address.

>Ipswitch support tells me they need a static IP to do this. Do they need a
>static IP to get email via a dial up? Anyone else run into this?

yes, Ipswitch is correct in strict terms of RFC compatibility.   The "SMTP 
client" of the Exchange server would use the SMTP command:

ETRN exchange.DSLclient.com

command to signal to to Imail that it wanted a relay mail queue flush. Of 
course, any @sshole could spoof the "ETRN domain" name and steal all the 
client's mail.  Welcome to hell.

So the "SMTPD server" in Imail (and in postfix of IMGate) uses a fixed ip 
address for the "ETRN domain" as security. ie, Imail has the 'relay for 
addresses' param, and in NT hosts file, the

ip.ad.re.ss   exchange.DSLclient.com

... to ETRN security down as well as Imail can.   You must, of course, play 
your part and make sure in your routers that ip spoofing is blocked with 
packet filtering.

>Our modems are not currently set up for static IP's. I would have to
>reconfigure all of them to do so...

There are revenue opportunities here!  vbg  Make them rent their fixed ip 
port on your RAS box.

If it's a big client and mail load, you can keep it the relay traffic out 
of you Imail server completely by using an IMGate gateway for your relay 
domains, which also gives you MAPS anti-spam, DNS validation of mail 
senders, and inbound/outbound global header filtering (my IMGate reported 
to me that it stopped outgoing! ILOVEYOU last night.  IMGate also supports 
uucp for mail relay transport protocol ("unix 2 unix copy") which doesn't 
need a fixed ip address because uucp has authentification, but I don't know 
whether the Internet connector of Exchange supports uucp. kinda doubt it.

As pointed out, Exchange can be setup up to pickup mail with POP3 and its 
authentification so that removes the fixed ip for security.

Len

Please visit http://www.ipswitch.com/support/mailing-lists.html 
to be removed from this list.

Reply via email to