<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

SMTP AUTH?


Does anyone know of any working implementations of SMTP AUTH? I have not
seen an add-on for sendmail (though I may have missed something).

In particular, I was thinking of a much simpler, albeit more drastic
anti-spam test:

		C: connect to server
		S: check if client in "allowed" list
			/		\

S: 421 Service not available		S: 220 pleased to meet you
S: connect to client			 <normal SMTP transaction>
S: check if client allows relaying
S: add client (or not) to "allowed"
   or "forbidden" list

   ...some time later, client re-tries

C: connect to server
S: check if client in "allowed" list
S: 220 pleased to meet you
   <normal SMTP transaction>

The test can be applied positively or negatively (i.e. an "allowed" list or
a "forbidden" list). I'm not sure if 421 is the right code to use and I
realise that this would mean a drastic reduction in the number of
legitimate mail received also - since relatively few people implement
anti-relaying but... does this scale? (probably not)

The above also assumes a third case where the mail is rejected at the first
connection if it is in the "forbidden" list already.

Is this a Really Bad Idea? (OK, I already know the answer to that ;->)

Oh well, just wishful thinking on my part... or maybe everyone else is
already doing this and I just didn;t know...

John






<<< Chronological >>> Author    Subject <<< Threads >>>