Mailing List SIMS@mail.stalker.com Message #12370
From: Global Homes Webmaster <webmaster@globalhomes.com>
Subject: Re: "authenticated IPs are treated as Client ones"
Date: Wed, 15 Jan 2003 12:04:35 -0800
To: SIMS Discussions <SIMS@mail.stalker.com>
X-Mailer: Mailsmith 1.5.4 (Blindsider)
On 01/15/03 at 13:32, Chris Wagner opined:

> >It is rumored that on or about 2003-01-15 1:09 PM -0600, Chris
> >Wagner wrote as follows:
> >>What's the advantages/disadvantages to having this set to a time
> >>period as opposed to never?
> >
> >You only need this set if you want to allow "outside" users to use
> >SIMS SMTP with the "read before send" method.
>
> Chris <----------- Total Idiot When It Comes To SIMS
>
> Forgive me for asking, but was is the "read before send" method?
>
> It was my understanding that this value "authenticated IPs are
> treated as Client ones" was for nothing more than to permit someone
> who connects to the SMTP service and is authenticated in SIMS to be
> able to send a message within this window of opportunity in addition
> to retrieving mail.

Kind of. 'Read before send' is a method of temporarily authenticating IP
addresses so that SIMS will allow SMTP relays from them (this method is not
unique to SIMS). The way it works is that when a user logs in via POP to
retrieve mail, SIMS temporarily adds the user's IP address to the client
hosts list for whatever time period has been specified in the settings.
This solves the problem with a static clients list that mobile users can't
relay through the server if they've dialed up to an IP address that's not
in the list.

> If I have this set to "never" will that prohibit our users from
> accessing their mail?

No. It doesn't affect the ability to log in via POP, it simply allows SMTP
sessions to be indirectly authenticated by a POP login immediately prior to
the SMTP connection. POP sessions are always authenticated, so it's not
necessary to restrict them in the same way that SMTP relays are restricted.

> I am wondering: Does SIMS do POP connections by requesting
> authentication, and then once authenticated, allow access to the
> mailbox, or is it vice versa?

Uh, not sure exactly what you're asking. POP is a protocol for retrieving
mail. It requires username/password authentication to establish a session.

> I guess I'm not 100% sure on this, but I was under the impression
> that the POP service will answer when the client, no matter the
> network they're coming from, requests access to that mailbox,
> dependent on a successful authentication within SIMS.

No. SIMS answers connections on port 110 as POP3 connections, and expects
the remote host to speak POP. Once the connection has been successfully
authenticated with a valid username and password, the user has access to
the mailbox associated with the username.

> Does SIMS additionally check the source IP in the header for
> inclusion in the Client Host List BEFORE it authenticates and grant
> access to the box?

SIMS doesn't care what the remote IP address is for POP connections, since
POP sessions are always authenticated by a username/password.

> >Only if you have "Relay for clients only" checked and no external
> >IPs in your Client Hosts list.
>
> That's the deal.  :^)

--
                   Christopher Bort | cbort@globalhomes.com
            Webmaster, Global Homes | webmaster@globalhomes.com
                      <http://www.globalhomes.com/>
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster