On Monday 07 June 2004 10:17 am, Devendra Singh wrote: > > Sorry Jeremy, > > Perhaps I was unable to explain the problem properly. > > Suppose a Server is hosting the following domains: > > abc.com > xyz.com > test.com > .... > ....
ok. > Now, the user [EMAIL PROTECTED] has been enabled for SMTP (not POP-Before SMTP > but SMTP-AUTH using Erwin's Patch). > > If the user [EMAIL PROTECTED] tries to send an email as [EMAIL PROTECTED] in FROM > headers, its denied. no, it's not, unless you've got some funky stuff set up, in which case, you'll have to provide more details. > But, if he impersonates (for say spamming) in FROM > headers as [EMAIL PROTECTED] or even [EMAIL PROTECTED] his outgoing mail would go > through. Isn't this a case to worry? well, if you see it happening, that's why <insert deity here> created userdel. > The example that you have talked about is totally unrelated to the above > explained situation. no, it's entirely the same concept. Why let an unauthenticated user use any combination of envelope sender/header information but restrict authenticated users. Doesn't make much sense to me. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail