Paul Wade wrote: > > The problem of "relaying" can be solved by restricting access to the local > subnet. However, that would irritate some good customers. Suppose I am > traveling with my laptop and want to read and answer my email. I don't > want to pay for a toll call to the dialup because I can hook up via > ethernet or my brother says 'go ahead and use my local dialup account'.
Well, I don't see it as an irritation. I do travel with my laptop and I do get/send email while on the road. But if you're on the road and have access to the internet but not through your own ISP, you *should* have access to the sendmail server for whoever's Internet hookup you're using. I find it quite painless to simply go into my Netscape Mail settings and set the outgoing mail server to whatever the "local" sendmail server is. As long as your "Reply-To:" header is set correctly, you'll have not trouble getting replies sent through a "foreign" sendmail server. And besides, are you saying that *your* sendmail will accept connections from the outside world? You are truly a brave spirit, given the seeming never-ending source security holes which sendmail has always been. > There is a way to fix this for the ISP who thinks it's worth the trouble. > You could set up a web page that requires a password or have them login > via telnet. This would validate the IP the customer is at and you could > allow in.smtp because you know who to 'counsel' if you get a spam > complaint. > > I suppose that you could require the telnet connect to stay active in > order to accept mail for relaying. They would have to switch to the telnet > and hit a key within n(60?) seconds before sending or the connect to smtp > would be refused. Hopping between open telnet and mailer programs is easy > for Windows or Linux users. > > The apache approach has several possibilities. Maybe a javascript (ugh) > would be sufficient to tell the server you are still valid from the IP. > > If somebody does this, they should share it freely. Most of the spam comes > from 'borrowed' mail servers. I think the ultimate solution is to build support into mail clients for ssh or something of the like. -- Jens B. Jorgensen [EMAIL PROTECTED] -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
