[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: per-user per-ip pop3 access
On Thu, 11 May 2000, Gaal Yahas wrote:
> Umm, unless I'm mistaken, tcpserver allows you to bind your server to
> a specific *local* address (rather than 0.0.0.0); this does not have
> the desired effect in this case. (What it means is that the server only
> listens to one interface from then on.)
>
> I could be wrong: last time I used tcpserver was about a year ago.
yap, that's the idea. you get two TCPservers, each running a seperately
configured pop server in some way. (one allows APOP and the other
doesn't?). using qmail-pop3d limits you to using maildirs and Qmail.
another option is to use ssl-pop3 with various ssl tunnels. supported by
Netscape, Outlook and possibly Eudors. with a little hacking, fetchmail
too.
> But it seems to methat what the original poster needs is a feature
> akin to Check Point FW-1's "client authentication": a server that
> listens on some unrelated port, against which you identify and
> authenticate yourself; once this is done, the server dynamically
> configures the firewall to open up a specific service to the IP from
> which you authenticated. Naturally, there is a mechanism handling
> timeouts and logging involved.
>
> This could be scriptable, but to do it securely will take more than
> a trivial effort.
maybe there is something in TIS for that?
--
Ira Abramov ; Penguinophile ; www.linux.org.il
Linux: Because a PC is a terrible thing to waste.
(By komarimf@craft.camp.clarkson.edu, Mark Komarinski)
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il