Look. I very much doubt that Martin Staael <[EMAIL PROTECTED]> REALLY
wants to run an open relay. What most ISPs want to allow are
Internet ---> SMTP ---> local users
Internet <--- SMTP <--- local users
local users <--- SMTP <--- local user
and disallow
Internet ---> SMPT ---> Internet
You generally must have a pretty firm idea as to who your local users
are and what their IP numbers will be, whether they're local dialup lines or
remote network machines. Simply use tcpserver with a /etc/tcprules.d/ file
like so:
127.0.0.1:allow,RELAYCLIENT=""
<local IP>:allow,RELAYCLIENT=""
# standard operating procedure
<local users' IP>:allow,RELAYCLIENT=""
<range of local users' IPs>:allow:RELAYCLIENT=""
# I appear as an open relay to my local users...
:allow
# but not to the rest of the Internet
Ta da! Done. The only reason I can think of that Martin can't use this scheme
is if he has so many users that the rules file would be unmanagably large, or
that his users are allowed to change their IP numbers at random. In that case,
the pop-before-smtp patches already spoken of would be the only way to go.
Open relay is a bad idea in any language. Much more preferable to teach all of
your users to "check your mail before sending new mail" than to have your
carefully configured open relay cut off from all of the sites your users want
to e-mail.
--
Matt Garrett, Network Engineer
Superior Open Systems
[EMAIL PROTECTED]
