> I want to use qmail as smtp gateway. I have
> configured qmail to relay mail selectively from our
> mail servers. It seems to me little elegant to
> manage this away qmail's control files but it really
> works. Maybe I could apply Rask Ingemann
> Lambertsen's patch (to add control/relayclients and
> control/relaydomains files) but I don't know if it's
> recommended.
>
> However I don't know how to manage forged senders
> with our own domain when it's received from
> Internet. If I include our domain in
> control/badmailfrom file, valid mail from our mail
> servers also is rejected. Otherwhise our users could
> receive mail that seems internal. DNS checking
> doesn't help because our domain is valid.
That's exactly the reason why relaydomains is kind of unsafe.
tcpserver approach works on IP level. If you care to change the above
mentioned patch to work on IPs (and TCPREMOTEIP), you're on the safe
side - provided your border routers don't let forged IPs in.
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
