On 01/15/03 at 14:14, Chris Wagner opined:
> >Kind of. 'Read before send' is a method of temporarily
> >authenticating IP addresses so that SIMS will allow SMTP relays from
> >them (this method is not unique to SIMS). The way it works is that
> >when a user logs in via POP to retrieve mail, SIMS temporarily adds
> >the user's IP address to the client hosts list for whatever time
> >period has been specified in the settings. This solves the problem
> >with a static clients list that mobile users can't relay through the
> >server if they've dialed up to an IP address that's not in the list.
>
> That makes sense. DUH. ;^)
>
> >No. It doesn't affect the ability to log in via POP, it simply
> >allows SMTP sessions to be indirectly authenticated by a POP login
> >immediately prior to the SMTP connection. POP sessions are always
> >authenticated, so it's not necessary to restrict them in the same
> >way that SMTP relays are restricted.
>
> So now you lost me.
>
> Can I retract my earlier remark?
>
> Chris <-------------- SUPER-DUPER Idiot when it comes to SIMS
>
> OK, I feel better.
>
> So, that said, Christopher, does that mean that the POP module is
> passing the username and password to the SMTP module for TEMPORARY
> use at that point?
No. When a POP session is authenticated from a given IP address, that
address is temporarily added to the client hosts list. In effect, SIMS
considers the IP address to be authenticated for the duration of the
temporary listing. A subsequent SMTP connection from the same host is not
itself authenticated, which is what I meant by saying that it is
authenticated indirectly (the POP session was authenticated, so SIMS
figures that it's alright to accept SMTP relays from the same address, at
least for a few minutes).
> And if so, would having this setting at "never" prevent ANY SMTP from
> the outside (which is I guess what I'm getting from your explanation)
>
> Is that correct?
It would prevent SMTP _relays_ from hosts that are not in the client hosts
list and which do not authenticate using SMTP AUTH. It will still accept
messages via SMTP for delivery to local accounts (subject, of course, to
any relevant router entries).
--
Christopher Bort | [EMAIL PROTECTED]
Webmaster, Global Homes | [EMAIL PROTECTED]
<http://www.globalhomes.com/>
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
