Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!think.com!zaphod.mps.ohio-state.edu!wuarchive!udel!princeton!twg.com!david From: david@twg.com (David S. Herron) Newsgroups: comp.mail.misc Subject: Re: BITFTP grief! Message-ID: <8942@gollum.twg.com> Date: 20 May 91 16:40:26 GMT References: <1705@aupair.cs.athabascau.ca> <34032@ucsd.Edu> Distribution: na Organization: The Wollongong Group, Palo Alto, CA Lines: 53 In article <34032@ucsd.Edu> brian@ucsd.Edu (Brian Kantor) writes: .. >mail-based archive server which not only limits volume, but will audit >the address requesting the data. > >The qualifications are that we will send a large file in response to a request >from someone if their return address is > 1 hop from us (i.e., a direct connection) > 1 hop from uunet (i.e., requester picks up the tab) > on the internet Good idea, BUT. Meta-Question for you: Why put this authorization sort of thing in the program. That is ... You have some particular set of administrative concerns you want to address with your mail server. Suppose someone else also has administrative concerns, but not the same set. Say they have two routes, one over per-packet charging X.25 with X.400 and the other over non-per-packet charging Internet, and they want to reject most of the requests which will return over the X.25/X.400 link because it's expensive. To make it worse, suppose they have this person they do work with but s/he is only connected throuth the expensive X.25/X.400 link ... Taken from another angle.. my first thought about how to do this is to have the program do low-level rooting around in various files scattered about like /usr/lib/uucp/{L.sys,Systems}. That can be UGLI. Howzabout pushing the authorization stuff into the MTA. Then it could be used for more purposes than just an archive server. For instance I have seen requests for preventing certain people from posting to a mailing list, or conversely limiting posters to a mailing list to a select group. Or, as I implied above, you may want to limit people in general from using your expensive links but allow a select few to do so. (Hmm.. just had a thought that the more radical among you might not like this. Just remember the Golden Rule: Thems that gots the gold makes the rule. It is truer than you think!) At any rate there are two MTA's which already have generic authorization facilities in it. MMDF and PP -- <- David Herron, an MMDF & WIN/MHS guy, <- Formerly: David Herron -- NonResident E-Mail Hack <- <- "MS-DOS? Where we're going we don't need MS-DOS." --Back To The Future