> > Hm. The typical way to do this is to have your mailer refuse relayed
> > SMTP connections from an IP address unless there's been a successful
> > POP3 authentication from that address in the past ten minutes...
>
> Have you got a website for this? I've never seen it done with sendmail.
As far as I'm aware, sendmail was the first mailer it was done
with, although as I pointed out the technique is simple enough that
a few slight modifications to any MTA should be all that's required.
(In the sendmail case, it's only modifications to the config file,
since it has excellent database facilities built in.) A full
description of the technique is at:
http://spam.abuse.net/spam/tools/smPbS.html
> > What restriction does this place on mobile users?
>
> Unless your pop server hooks into sendmail's ant-relaying/spamming
> rules, you end up denying mobile users from sending mail.
Well, it's pretty hard to allow only IP addresses that have
authenticated with POP3 recently to send mail if you don't have
this hookup!
cjs
Curt Sampson cjs@portal.ca Info at http://www.portal.ca/
Internet Portal Services, Inc. Through infinite mist, software reverberates
Vancouver, BC (604) 257-9400 In code possess'd of invisible folly.