Re: [exim] How do ISP's restrict access without authenticati…

Top Page
Delete this message
Reply to this message
Author: Richard Clayton
Date:  
To: Charlie
CC: Exim-users
Subject: Re: [exim] How do ISP's restrict access without authentication
In message <023F9377EB5B4E3FA914AAA057E9103F@CharlieCompaq>, Charlie
<mi6@???> writes

>I have the hotel's IP address, so I can authenticate based on that.


I think you probably need to post the details of this mechanism, so that
the experts can see if you are doing it correctly

>The problem is that authentication based solely on IP address is not good
>enough, because within a few days, the mail server is 'discovered' by
>Chinese spammers. We've also tried the same thing with an entirely different
>hotel (and the different IP address). This was also discovered as being a
>mail server that authenticates solely by IP address, and was quickly spammed
>by the Chinese spammers (using a forged IP address).


Either the hotel's machines are insecure and are being used as proxies
(which is a security issue that they can fix), or you are mistaken

It will not be possible to forge an IP address and make a TCP connection
to your machine (assuming your OS dates from 1990 or later)

- -- 
richard                                                   Richard Clayton


Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755