This might help:
http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt On Mon, 2003-08-11 at 13:37, Marcel Weber wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Am Montag, 11.08.03, um 12:59 Uhr (Europe/Zurich) schrieb Tomasz > Papszun: > >> > > > > If you want to prevent them from using non existing sender addresses > > from your domain, you can do it by creating a file (lookup table) for > > postmap(1), containing all allowed addresses with "OK" and another > > table containing your domainname with "REJECT". > > > > If you want to prevent them from using sender addresses from other > > domain, it's also possible with properly prepared config. > > > > If you want to prevent them from using other (not their own) sender > > addresses from your domain, you must use SMTP AUTH, I'm afraid. > > > > -- > > Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only > > [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros. > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > > [EMAIL PROTECTED] > > > > Theoretically there is another possibility. Actually pop-before-smtp > does nothing than watching the log file, picking the ip address of the > pop client and putting this address for a certain time into a postmap > for postfix. If you would use the user's email address as his pop3 > login name (within a sql or ldap db, for example), one could take this > information and write it into another postmap file. This would > necessite some modification of the pop-before-smtp script, but I think > it wouldn't be too hard to implement. It wouldn't be perfect, though: > Imagine two users logged in at the same time. Under this situation each > user could "abuse" the other user's email address. > > For a really secure system, there is no way around smtp auth. > pop-before-smtp relies on ip addresses. But what about NAT? Users > coming from a private masqueraded network, could misuse your server at > their pleasure, if one user from this network has logged into his pop3 > account. > > Regards > > Marcel > > > > -----BEGIN PGP SIGNATURE----- > > iD8DBQE/N3/y1EXMUTKVE5URAjPsAKD1sVpkeqHSIcYnungYkuF/fNyumgCg7pmF > o2GTZhfgn7NnZ63P8HLSpEI= > =B+0b > -----END PGP SIGNATURE----- > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
