Bud Bach wrote: > > > I have an application that runs on the same machine as my > james server that > sends out registration confirmation messages. I have the > smtp server for > james configured to require authentication: > > <authRequired>true</authRequired> > > but I set authorizedAddresses to allow messages from the > local host to pass: > > <authorizedAddresses>127.0.0.0/8</authorizedAddresses> > > In the root processor I have: > > <mailet match="SMTPAuthSuccessful" class="ToProcessor"> > <processor> transport </processor> > </mailet> > > to bypasss various spam checks. > > Can I safely add a: > > <mailet match="RemoteAddrInNetwork=127.0.0.0/8" > class="ToProcessor"> > <processor> transport </processor> > </mailet> > > or something similar to allow non-authenticated senders that > are on the > local machine to bypass the spam checks as well? Could the > "remote" address > be spoofed thereby allowing my server to unintentionally > relay mail if I do > this? Thanks. -- Bud
Unless your local environment is compromised, I cannot imagine a scenario where this would not be safe. Cheers -- Steve --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
