Hi,
I have a scenario where i have a submission port/ip, where users can
relay through and doesnt do any RBL checks as such. However, what i have
noticed is that if the user authenticates, he can then send a message
with any from address.
Is there a way to limit them such that at the very least the domain name
used to authenticate is the same domain used for the from. I dont want
to limit it to the exact same user, as many times offices use a mailer
daemon/postmaster or something and use it as a relay for their office,
which means 1 authentication for that whole office. Or perhaps a file
that maps which domain is allowed to authenticate and send relays for
like
domain1.com:shupp.org
domain2.com:shupp.org
domain3.com:blah.com
That means if your from address is domain1.com either domain1.com used
for authentication or an account on shupp.org used for authentication
will be accepted as relay for that address
What do you guys think?
Satish
