At 11:36 PM +0200 2002/08/17, Brad Knowles wrote:
You mean, the IP address of the machine contacting you, or the IP address of the originating machine? If the former, keep in mind that many providers host a large number of customers, and you could deny service to a lot of innocent people. If the latter, then you would be vulnerable to forging.
I've been thinking about this a bit more. I think the best way to implement protection mechanisms for something like this is using a "milter" plug-in for sendmail. It would get called after the message has been transmitted by the sending relay, but before your mail server returns "250 Okay". This milter would do whatever you programmed it to do, but would be able to check databases, compare times of previous messages from the same IP address or network, etc.... Once a message passes all the checks, the milter plug-in would return a code that tells the sendmail program to accept the message, where the actual work is performed by another program. The advantage of milter is that it is inherently multi-threaded, asynchronous, and capable of using an arbitrary number of off-system back-end milter servers. -- Brad Knowles, <brad.knowles@skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)