On Wed, 4 Feb 1998, Alan Barrett wrote:
= > I'm aware of the sender_net_accept_relay option to allow relays from some
= > addresses but since the ISP's all use DHCP or some other dynamic addressing
= > scheme, I can't be sure that xx.xx.xx.4 will always be "trusted user", so I
= > have to allow the entire xx.xx.xx.0/24 range in. That's not really what I
= > want.
=
= You probably want "POP before SMTP". A user connects to your POP port
= (and authenticates with a username and password) to receive their incoming
= mail. Your POP server makes a note of the IP address, the time, and the
= fact that it was a valid user. (Your POP server probably does this
= already, using syslog.) Something between you POP server and your SMTP
= server keeps track of which IP addresses have recently been verified to
= belong to valid users, and deletes addresses from that list after a
= suitable time period. (Programs that do this by continuously tailing your
= syslog are available.) When the same user connects to your SMPT server
= (within a few minutes after authenticating to your POP server), your SMTP
= server allows them to relay outgoing messages. (I don't know how to make
= exim do the last part. sender_net_accept_relay="lsearch;/some/file"
= doesn't seem to work.)
=
It has to be faster than a few minutes. Lots of remote users I know
dial in, download new mail, hang up, compose offline, and reconnect
to send it. They would be ticked if they had to wait minutes to send.
Can you do it with identd? There are identd clients for most pc's.
Sherwood Botsford | email avatar@???
Sorcerers Apprentice | Office CAB 642B
System Administrator | Tel: 403 492 5728
Trouble shooter | Fax: 403 492 6826
--
*** Exim information can be found at
http://www.exim.org/ ***