On Thu, 2002-04-04 at 01:50, Nigel Metheringham wrote:
> I've not played with this since a 2.0 Linux kernel, however on that if
> you have the transparent proxy code in place - which *terminates* the
> connection (so X thinks it's talking to Z but is actually talking to Y -
> if you want Z involved you have to set up a new connection from Y to Z
> and futzing that to make it look like it comes from X would be *very*
> hard without deep router magic).

That's what I was afraid of.  I don't think the magic is *that* deep, at
least in Linux 2.4, you should be able to just read the NAT table to
figure out what X was trying to talk to in the first place.  But I was
just wondering if there was some more elegant way of doing it.

> Anyhow on Y, in userspace you get a
> normal TCP socket connection.  getpeername() will give X's address,
> getsockname() gives the original destination address - Z.

Really?  If it does, I think that solves my problem.  But I can't
imagine that it would...

> Note that the way I described for SMTP hijacking leaves the session into
> a different server from the original target, that server then passes on
> the message as per normal - the Received: headers in the message will
> show the extra hop.   

Yeah, but as I hinted at in my original mail, I'm not talking about
SMTP, that part is easier because of the way the protocol works.  I want
to do this for POP and IMAP.  Well, POP anyway until I get a little more
time to spare to get IMAP working.

> We certainly never tried to disguise what was happening - we took this
> approach as the better choice of either blocking all SMTP to systems
> other than our service cluster, or redirecting to a relay machine we
> controlled.  [The service we were running was a free ISP (other than
> call charges) - we had no billing or other verifiable information to
> prevent multiple signups or otherwise make users responsible for their
> actions, so we had to take preventative action or become the biggest
> national spam provider - a crown immediately grabbed by the less clueful
> (IMNSHO) folks at the previously monopoly telco in the UK]
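
The two lookups discussed in this thread, as an added example that is not part of either poster's message: on the proxy host Y, getpeername() (here the address returned by accept()) identifies X, and the address X originally dialled is read from the netfilter NAT/connection-tracking entry with getsockopt(SOL_IP, SO_ORIGINAL_DST), falling back to getsockname() when no such entry exists. The function names are hypothetical, the loopback demo is constructed and has no redirect rule in place, and the code assumes Linux with IPv4.

```python
import socket
import struct

# Value of SO_ORIGINAL_DST from <linux/netfilter_ipv4.h>, defined here by value.
SO_ORIGINAL_DST = 80


def parse_sockaddr_in(raw):
    """Decode a struct sockaddr_in into (ip, port)."""
    family = struct.unpack_from("=H", raw, 0)[0]   # sin_family: host byte order
    if family != socket.AF_INET:
        raise ValueError("not an AF_INET sockaddr")
    port = struct.unpack_from("!H", raw, 2)[0]     # sin_port: network byte order
    return socket.inet_ntoa(raw[4:8]), port


def original_destination(conn):
    """Return (ip, port, source) for the address the client originally dialled."""
    try:
        # Ask netfilter for the pre-NAT destination of this connection.
        raw = conn.getsockopt(socket.SOL_IP, SO_ORIGINAL_DST, 16)
        ip, port = parse_sockaddr_in(raw)
        return ip, port, "conntrack"
    except (OSError, ValueError):
        # No NAT entry (or no netfilter support): use the local socket address.
        ip, port = conn.getsockname()[:2]
        return ip, port, "getsockname"


def demo():
    """Constructed loopback session with no redirect rule in place."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    client = socket.create_connection(listener.getsockname())
    conn, peer = listener.accept()                 # peer is X's address
    try:
        return peer, original_destination(conn)[:2], listener.getsockname()
    finally:
        for s in (conn, client, listener):
            s.close()


if __name__ == "__main__":
    peer, dst, listening = demo()
    print("client (X):", peer, "original destination:", dst)
```

With no redirect in place both lookups report the listener's own address; behind a NAT redirect rule, the "conntrack" result is the address the proxy would open its onward connection to.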


_______________________________________________
Spamassassin-talk mailing list
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
