> The default relaying setting is based on IP, which is part of the 
> connection. But is AUTH part of the connection or part of the 
> transaction?

After SMTP AUTH has been completed successfully, the client becomes an
relayclient of the rest of the connection. Currently we do this by
setting $ENV{RELAYCLIENT}. Same is true for allowing relaying by IP 
(is connection) or by other means like for example my pop-before-smtp 
solution (qppoprelay plugin).

I can only imagine very rare occasions when the right to relay is 
bound only to the transaction. One example might be a plugins which
allows relaying for specific mail from senders (which is nowadays
a bad idea).

But as there might be other plugins which decide the relaying on a 
mail-by-mail approach i suggest following my approach with both a
relaying flag for the whole session, as well a relaying flag for an
individual transaction (which will automatically be set when
the global session relaying flag is set). This makes it possible
to handle both cases.


-kju

-- 
      It's an insane world, but i'm proud to be a part of it. -- Bill Hicks

Reply via email to