At 11:14 10/01/2001 -0800, you wrote:
>Actually, he says he used postmaster@???, but probably used
That domain exists too ;)
>You can't really verify foreign addresses (without actually sending a
>message).
No, but I can prevent relaying of that message, considering that the
rewritten address is non-local, and is sent to a non-local address.
>> originally specified sender (i.e. nonexist.user@???)?
>It does appear that he used a valid local address (as did I).
Roger didn't. The logs indicated that he didn't. I'll fix the relaying
rules that postmaster@ can only RECEIVE, but not send. Postmaster shouldn't
send anyway, the role account should.
>impossible to get your users to use AUTH SMTP?. Most clients will store
Yes it is. I have people who use anything from Unix (Pine, Mutt, Netscape)
to Mac (Outlook, Outlook Express) to Windows (Pegasus, Eudora, Outlook &
Co., Netscape).
Some of the clients are ANCIENT and don't support SMTP AUTH. And yes, I
need to make provision for those. Preferably I want to use something that
only users would know that gets rewritten, perhaps a prefix or suffix of
some sort in the $localpart...
Oh well... I'll see.
Andromeda
- The Andromeda HTML Workshop -
http://www.htmlworkshop.com/
Home of Search & Replace 98
