Are there any routers currently available that can do port 25 spoofing for
dialup users? That is, when the user attempts to connect to port 25
anywhere, he in fact connects to port 25 on your own SMTP server instead.
In case it's not obvious, it's for spam management.
It seems simple enough to block all outgoing SMTP to anything but your
own server, and to apply such a filter on your dialups. I don't know
if the more complex solution you propose is worth it -- the users will
quickly learn where they should aim their mail...
It seems simple enough to block all outgoing SMTP to anything but your
own server, and to apply such a filter on your dialups. I don't know
if the more complex solution you propose is worth it -- the users will
quickly learn where they should aim their mail...
Experience suggests that's not true -- users whine very loudly that their
mail used to work and it doesn't work any more. Telling them that the config
that they copied from a friend down the hall, which bounces the mail off the
server of some company where the friend used to work, was bogus in the first
place rarely impresses them.
That's the point in making it transparent. Also, it's for the benefit of
people who use these global roaming setups, so they don't have to reconfigure
Eudora every time they get off an airplane.
Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47
Couldn't this be done with transparent proxy just as some ISP's do it for
web proxying/caching?
CONFIG_IP_TRANSPARENT_PROXY
This enables your Linux firewall to transparently redirect any
network traffic originating from the local network and destined
for a remote host to a local server, called a "transparent proxy
server". This makes the local computers think they are talking to
the remote end, while in fact they are connected to the local
proxy. Redirection is activated by defining special input firewall
rules (using the ipfwadm utility) and/or by doing an appropriate
bind() system call.