Auteur: Peter Lindberg Date: À: Exim-users@exim.org >> exim-users Sujet: Re: [exim] How do ISP's restrict access without authentication
Charlie skrev: > Hi,
> I was wondering how exactly ISP's - that don't require authentication -
> manage to restrict access to their customers only.
> I know that Exim can restrict access by IP address, but IP addresses can be
> spoofed (and very often are spoofed by automated scanners which search for
> SMTP servers that are open in this way).
> How then, do ISP's manage to prevent their servers from being abused?
> In other words, if an ISP only authenticates based on IP address, then
> surely that would leave their server open to abuse.
> The answer to this question will help me a lot.
Hi, i don't think it's a problem for isp's. since they own the ip's and
they have full control over the routing, they can see and prevent ppl
from spoofing their ip, bots can infiltrate their network and try to use
isp's servers for relaying spam thou, but inserting a limit of what ppl
can send and monitoring abnormal behavior, and virus/spamprotecion on
outgoing servers can solve that