Noel et al,
I do like this suggestion - it will make James very powerful and flexible in its authentication handling. When designing these properties please remember a couple of things: i) There are a variety of SASL authentication mechanisms that may be supported in the future, so any property passed to the matcher/mailet should be fine-grained enough to specify the authentication mechanism ii) The authenticated user id will also have to be preserved, not just the fact of authentication. This sort of approach is necessary not only to support identity verification, but also more complex constructs like role-based mailing. That said, I still think we need a simple, easy-to-configure way to allow users to ensure that James is not used as an open relay. Power and flexibility are important, but so is ease of use in standard situations. As far as I can tell, that mechanism is the authRequired parameter for the SMTP Handler. I'd like to address the original problem. As far as I can tell SMTPHandler should not need to treat messages with null senders any differently than it treats other messages. This is because internally generated bounce messages are placed directly on the spool, and externally generated bounce messages should only be going to localhost if authentication is required. Is that correct? Serge, what are your thoughts? --Peter > -----Original Message----- > From: Noel J. Bergman [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, July 31, 2002 6:50 AM > To: James Developers List > Subject: RE: Open relay with SMTP-AUTH > > > The source of a mail is trusted if the mail is > > 1. received through smtp from a local host - based on its ip address > > 2. received through smtp from an smtp authenticated host > > 3. generated within james > > > As I know information about (1) is already available, but not > > about(2) and (3). > > #1 is based upon the remote host IP. #3 is 127.0.0.1 (localhost). #2 is > the missing property. > > --- Noel > > > -- > To unsubscribe, e-mail: <mailto:james-dev- > [EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:james-dev- > [EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
