Mailing List SIMS@mail.stalker.com Message #12372
From: Neil Herber <nospam@mail.eton.ca>
Subject: Re: "authenticated IPs are treated as Client ones"
Date: Wed, 15 Jan 2003 15:29:00 -0500
To: SIMS Discussions <SIMS@mail.stalker.com>
It is rumored that on or about 2003-01-15 2:14 PM -0600, Chris Wagner wrote as follows:
So, that said, Christopher, does that mean that the POP module is passing the username and password to the SMTP module for TEMPORARY use at that point?

And if so, would having this setting at "never" prevent ANY SMTP from the outside (which is I guess what I'm getting from your explanation)

Is that correct?

The POP3 and SMTP modules don't talk to each other directly. However, if a user logs in to retrieve mail, they are using POP3 and they must give a user name and password. Since you presumably trust this person, SIMS will place the IP address that the POP3 request came from into the Client Host list for the length of time you have specified.

That means if the user at that very same IP then tries to send mail using the SMTP server, then SIMS will let them do so, since the IP is in the Clients Host list.

If, however, you have set the length of time to authenticate such SMTP use to zero, then an SMTP request coming from an IP that is NOT in the Client Hosts list is refused. (This assume that you have Relay for clients only set on - and you definitely should!)

Your statement " prevent ANY SMTP from the outside " is misleading. The SIMS SMTP server will send mail for ANY IP that appears in the Client Hosts list. You could, for example, put my IP in there and then I could use your SMTP server any time I wanted to - no need for the read before send stuff.

Still confused?  (This only took me 3 or 4 years to figure out!)  ;->

--
Neil

Neil Herber
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster