OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Content filter wants to know sender's IP
From: Alexander Nosenko (naetitul.ru)
Date: Sat Jun 03 2000 - 01:11:59 CDT

Hi!

> > Last snapshot-20000531 has support for content filtering, but I would
like
> > to make a proposal: can we have message filtering by sender's IP and
> > message size, not only by content?
>
> What problem are you trying to solve? By filtering only incoming mail
> a) you're only reducing content filtering expense by half, and b) you
> allow harmful mail to emanate from your site.
>
> Wietse

I want to filter _outgoing_ mail (on company's firewall). Filtering rules
include checks for sender IP, i.e. to check outgoing message size depending
on sender's host (some users are allowed to send 100MB messages with TIFF
files, some aren't). For now, filtering script can't get real sender's IP to
do that. I can check for return address (possibly forged to someone's else
within the company). Same problem arises with authentificated SMTP (well,
someday ;-) - filtering script needs access to the auth data (metod, real
user name etc.).

Regards,
Alexander Nosenko <naetitul.ru> 

---
The answer to the Great Question of Life, Universe and
Everything is 42... octal or hexadecimal?