-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 22 Jan 00, at 9:54, [EMAIL PROTECTED] wrote:
> Well, we use tcpserver's -x option, for a static
> list of known customer IPs (e.g. our dial-up pools).
> We use a variant of Russ's open-smtp package for
> roaming customers.
Well, taking that idea of port redirection more on, you may
1. have the "static" redirection for "local users" IPs
2. have the "temporary" redirection for "roaming users" IPs
3. have the access to the port itself disabled for anyone else
(Ad #2: Adding the IP to the list of port-redirected IPs is the same
type of problems as adding "IP:RELAYCLIENT=''" type of line to
the -x database.)
The "non-authorized" user connects to port 25, running qmail-
smtpd, with no rewriting and no relaying. The "authorized" user, by
connecting to port 25, in fact connects to port 26, running ofmipd,
rewriting and relaying. Direct connect to port 26 is forbidden.
It all only boils down to a question: How fast are you able to reload
the IP-redirection data?
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOInlplMwP8g7qbw/EQJ7/ACgkFPF4nCd5gDyfOhAW32c7yvxfsQAn3en
BFCZmHEVqWI8M7QAgCAEB+6A
=KyR/
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
