- Eric Dahnke <[EMAIL PROTECTED]>:
| First, there is no way set RELAYCLIENT (via inetd, tcpserver, or
| some patch) based on domain name rather than IP, correct? (I realize
| it would be weak)
tcpserver won't do it out of the box, but it's almost trivial to do
with a little wrapper. Just have tcpserver run a program which looks
up TCPREMOTEHOST in a database, and sets RELAYCLIENT accordingly
before running the real qmail-smtpd. If you run tcpserver with the -p
(paranoid) flag, it is perhaps not totally trivial to break either -
but then, I am no expert on DNS security. Maybe someone will comment?
(Sorry I can't answer inetd questions.)
- Harald