On Tue, 21 Nov 2000, Johan Van Gompel wrote:
> (1) check if a FQDN exists for the sender's IP (if not: no go);
If tcpserver has the -h option then it looks up FQDN and puts it in
TCPREMOTEHOST. If you use -p option as well, then it even verifies it, and
unsets TCPREMOTEHOST if it cannot be matched (no A or CNAME to the FQDN
matches the remote ip-literal). You can write a wrapper before
qmail-smtpd, which calls qmail-smtpd if TCPREMOTEHOST is set, or echoes
the error message of your selection and terminates. It will do the trick I
think.
> (2) allow POP3 access via SSL only;
Use stunnel (see my post in the stunnel list regarding this).
> (3) extract any mail attachment and check it for various things;
> (viruses, unallowed extensions, etc.)
See the amavis website regarding this.
> (4) support delivery to same users at different domains;
Virtual domain feature in qmail.
> (5) allow only a more rigid form of authentication;
> (e.g. POP-before-SMTP)
See www.qmail.org for a solution solving this (there is at least two
solutions there), or the vpopmail package regarding this.
Regards,
Robert Varga
