[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: restricted relaying
On 02-Dec-99 at 00:59, Matti Aarnio (mea@nic.funet.fi) wrote:
> > Ok. Let me explain more exactly. One of our workers had to go out
> > of the company. And sometimes he has possibility to use computer
> > with given IP.
> >
> > I want to setup that when he connects from this IP (which isn't
> > from my domain) and he says:
> The answer is: No, there is no mechanism in plain Policy datasets
> to do that.
>
>
> HOWEVER: If you run
> - Possibly SSL
> - SMTP AUTH LOGIN support (possibly without mandatory SSL mode before)
> then a successfull login at email sending (rather trivial to force
> to be used at Netscape, and likely at M$ IE too) will enable relaying
> never mind where the user is.
> (I use my office workstation that way as a relay for my laptop...)
Matti,
note that the guy says that his client's machine has a fixed IP address.
He *could* just add this [IP]/32 to the smtp-policy.relay. This should
suffice, given that checking of MAIL FROM does not add much security
anyway.
Eugene