Patric Falinder:
> All I actually need to do is to allow a dyndns-adress to send without
> authentication.
Wietse:
> And why can't the SMTP client be bothered to authenticate?
Patric Falinder:
> Some of our customers "business-systems" are for some reason
> programmed so they're not able to authenticate. Now this hasn't
> been a problem for any of them because they've had a local mailserver
> (Exchange) where we have configured it so it didn't have to
> authenticate. But now when we have migrated all their mail to our
> servers and shutdown their old one, they can't use that anymore
> and need to use ours.
Hostname lookup is not a solution. Due to caching effects there
simply is no guarantee that the name will always exist and resolve
to the current client address BEFORE the client connects to you.
I deplore the lack of planning that went into this migration; it
would have been easy enough to provide an SMTP proxy for off-site
locations that authenticates with SASL or TLS certificate. The
whole thing could be done in a few lines of Perl or Python.
Wietse
