I am using the RELAYCLIENT as a work around for now. It is a temporary fix
only because I have to know the IP subnet they are coming from or a specific
static address. I know it's not really intended to be used this way though.
-----Original Message-----
From: Charles Cazabon [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 04, 2000 3:18 PM
To: [EMAIL PROTECTED]
Subject: Re: Open Relay questionnaire
Eric Walters <[EMAIL PROTECTED]> wrote:
> I am looking for some input on this as it relates to virtual hosting. My
> users are all remote and I am trying to find a happy medium between
security
> and user-friendliness. Is there a way to ensure that unless the rcpt to:
or
> mail from: contain a local domain qmail will not deliver the message?
Yes, it's theoretically possible. Someone may have already implemented it,
but
I don't know of one offhand. But this is not a happy medium. Many spammers
are now forging the MAIL FROM: address as being from the host it is
connecting
to. The above would provide no security, and essentially act as an open
relay.
> So far I have implemented relayclient but that is a real pain to
administer
> and an inconvenience to my users.
Not sure what you're referring to above; do you mean setting the RELAYCLIENT
variable based on static IP addresses? That's completely transparent to
non-roaming users. Or you could be referring to SMTP-after-POP, such as
implemented by Bruce Guenter's relay-ctrl package. That's very convenient
for users -- all they have to do is check their mail before sending mail.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
