Charlie wrote:
> Thanks everyone for your replies, and sorry for the late reply.
> So, here is my problem.
> I need to be able to authenticate traffic that is automatically being routed
> to my mail server from a hotel's network.
> I have the hotel's IP address, so I can authenticate based on that. I cannot
> authenticate based on any sort of username/password, because the SMTP
> redirection software they use cannot properly adjust these values to match
> what we need.
>
> The problem is that authentication based solely on IP address is not good
> enough, because within a few days, the mail server is 'discovered' by
> Chinese spammers. We've also tried the same thing with an entirely different
> hotel (and the different IP address). This was also discovered as being a
> mail server that authenticates solely by IP address, and was quickly spammed
> by the Chinese spammers (using a forged IP address).
For all intents and purposes, you can't "forge" IP addresses in TCP
connections. Authentication based on IP should be fine. Please show us
the exact configuration that you've used to restrict relaying by IP.
--
Mike Cardwell - IT Consultant and LAMP developer
Cardwell IT Ltd. (UK Reg'd Company #06920226)
http://cardwellit.com/
Technical Blog:
https://secure.grepular.com/blog/
