Client Authentication
Daniel Feenberg
feenberg at nber.org
Sun Mar 24 16:14:44 UTC 2013
On Sat, 23 Mar 2013, Doug Hardie wrote:
>
> On 23 March 2013, at 21:51, Mehmet Erol Sanliturk <m.e.sanliturk at gmail.com> wrote:
>
>>
>> Using Static IP in the client side , and checking Static IP of the user
>> may be a possibility : In that way , any message from another IP will
>> not be accepted .
>>
>> If this is possible for your systems , it may be checked for usability
>> .
>>
>> One difficulty is that each user should obtain a Static IP and can not
>> connect to his/her ISP from another IP .
>>
>> Good side is that nobody can connect to ISP of the user from another IP
>> : It supplies hardware security ( we are assuming that the user
>> computer is not captured ) ..
>
> That is an interesting idea, but unfortunately our users tend to travel
> a lot and need to be able to access mail from anywhere. Also, static
> IPs can get quite expensive from some ISPs. Our users are pretty much
> on fixed incomes and any expense is a hardship for them.
Can you filter outgoing mail with Spamassassin? How about refusing to
relay mail from addresses in a good DNSBL? Do you rate-limit outgoing
mail? Can you just refuse to relay mail from other continents, using
a geolocation service?
daniel feenberg
>
> -- Doug
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list