[Techtalk] Allow all relays through sendmail

Kai MacTane kmactane at GothPunk.com
Mon Nov 19 16:12:04 EST 2001


At 11/19/01 02:59 PM , jenn at simegen.com wrote:
>What I do know is that I -wouldn't-. set it up for anyone to relay
>through. That's called an 'open relay' and it WOULD be found by spammers 
>and you WOULD wind up with spammers using you as a redirection.
>With all the attendant headaches that causes - and your machine put
>on the open relay blocklists.

I second that. It's a bad idea.

>A suggestion instead: if they're using dynamic IPs, allow their
>hostnames and the -range- of IPs they can be assigned.

My usual solution in a case like this would be to set up POP-before-SMTP 
relaying: when a user successfully authenticates via POP, their IP address 
is added to /etc/mail/access, and makemap is run to re-compile 
/etc/mail/access.db. The IP is retained for N minutes, where the usual 
value for N is 15.

You can roll your own solution pretty easily using swatch and some shell or 
Perl scripting, or there are a few things already available. Try poprelayd, 
which can be found at sourceforge.net.

                                                 --Kai MacTane
----------------------------------------------------------------------
"Playing dead and sweet submission,
  Cracks the whip deadpan on cue."
                                                 --Siouxsie and the
                                                   Banshees,
                                                  "Peek-a-boo"





More information about the Techtalk mailing list