[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: smtpserver policy

> We are trying to implement anti-relaying. But we have a very large,
> very diverse community, some of whom use outside ISPs to read their
> mail. There has been some discussion about allowing users who have
> logged in to their inboxes (imap or pop) to use the smtpserver as a
> relay.
> If you have implemented such a system, we would like to hear from you.
> How did you get the imap/pop login and logout records to the smtpserver?
> (Our message store machines are different from our smtpserver machines.)
> How are you updating the smtp-policy database? (There is a note about
> possible concurrency problems with reading and writing ndbm files. What
> form of database do you use?) What do you do with pop logins? That is,
> do you have an expiry time so that the IP address is still valid after
> the user has logged out?
> We have looked at Eugene Crosser's whoson. We would be interested in
> hearing the details of any implementation of it.

The latest Zmailer snapshot has whoson handling built in, and the
whoson package in the contrib/ directory.  See also
ftp://ftp.average.org/pub/whoson/.  This approach does not require
updating policy DB, you just need to configure Zmailer to use
whoson (done automatically if you installed whoson to default location),
and use attribute "trust-whoson +" in the boilerplate entry of the
policy.  You also need to patch the pop/imap server, I have a patch for
UW imap-4.2.

We are successfully running this setup for a couple of weeks in production,
it seems to work.  Probably, no one else has installed it yet.


P.S. Just to inform you guys, last Sunday I've submit the protocol
description to the RFC editor, now waiting for reply...