- Previous message: Thomas Domingo Dahlmann: "Re: Body checks on incoming only"
- Maybe in reply to: ankush grover: "Postfix Restriction class not working properly"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Magnus Bäck (no email)
Date: Wed Aug 02 2006 - 07:36:40 EDT
On Wednesday, August 02, 2006 at 13:16 CEST,
ankush grover <> wrote:
[...]
> I posted all the logs generated by the mail (/var/log/maillog) .
No, you did not. You will have entries like these:
Aug 2 13:23:38 jeeves postfix/smtpd[12813]: connect from localhost[127.0.0.1]
Aug 2 13:23:38 jeeves postfix/smtpd[12813]: EBCF23C2C: client=localhost[127.0.0.1]
> You earlier mentioned this
> But anyway, wouldn't it be a better idea to rely on the client address
> and authentication rather than the easily spoofed sender address, like
> in the example in RESTRICTION_CLASS_README?
>
> I agree but if the sender is not from my domain for example an email
> id from gmail or from yahoo these people are not going to authenticate
> to my server but still I am interested in the above can you guide me a
> little.
They can connect directly to your server, assuming they are using an
SMTP-capable client. This may or may not be feasible, but as I said
sender addresses can easily be spoofed so your solution is by no means
secure.
-- Magnus Bäck
|
|
|