[geeks] AAAAAAAAGH! Spammers on the loose!

[Mike Dombrowski]

On 24 Sep 2001, at 22:33, geeks-request at sunhelp.org wrote:

> > Hard to do when I let other folks use basenji.com for email
> > accounts....
> >
> 
> Yeah - that can be difficult.  Do these other folks have static IPs? 
> That would be easy to restrict.  However, it never is that easy.
> 
> I've heard of sites that setup mail so that a user *must* login via
> POP3 and get mail before they will allow SMTP connections from that
> IP.  Not sure how to set this up though - though you might be able to
> do it with shell scripts, and log files.  I'm sure there's a simpler
> and more elegant solution - qmail maybe?

There are a couple ways to do smtp auth with qmail. Qmail doesn't 
have builtin auth but the other programs work fine. "smtpauth" 
makes the user log into smtp like you suggested. Other schemes 
make the user check pop3 mail first then lets them send smtp from 
that address for 30min or so. These are really simple and I wrote 
one for my current work to deal with roaming users and it works 
like a charm. Most email clients do pop3 before smtp anyway so 
the remote lusers only have to put in the email server name and not 
deal with any kind of smtpauth.

Mike