Re: flexfax: Accounting and Billback with faxmail

[Nico Garcia <raoul@cirl.meei.harvard.edu>]

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 21 Apr 1998, Michael Ferioli wrote:

> I know this question has been asked a million times and I even
> quote the bottom of the man page for faxmail:
> 
>      Because a sender's identity in an electronic mail message is
>      inherently  untrustworthy,  using faxmail to build a mail to
>      fax gateway is problematic.  Unless mail service is  somehow
>      restricted  or  the  sender's  identity  is verified using a
>      mechanism such as  RFC  1847's  multipart/signed  MIME  type
>      there  is  no  reliable way to restrict access to facilities
>      setup with faxmail.
> 
> Ok, so I understand the problem.  Does anyone have a real world
> solution?
> 
> How about using the MTA's logs to cross reference to the xferlog?
> But then again, the source IP could be spoofed.
> 
> Does anyone have any clue how an ISP can setup a mail to fax
> gateway with some kind of reliable billback solution?

This just came up. Run procmail for the "fax" recipient username,
and have procmail do all the verification of IP address, signatures,
etc., then call the faxmail program.

			Nico Garcia
			Senior Engineer, CIRL 
			Mass. Eye and Ear Infirmary
			raoul@cirl.meei.harvard.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNTyu/z/+ItycgIJRAQHRVgP/cc/oaElwathjhL6VPGXyo3jIRFJJGjjj
cJdt/IUFj4zBmPRK2j8A9AGlXUnCxLdZZfbMlDyv+s2QfVoscW+D6Pg61qeGqiye
ZkpUnzgIfVsokEo9drZdcPQNQExq/JpJuJSy4r2GKE7+1duAirdeSBtp8LcG8N1+
ehU8QCEbAyk=
=w8Gp
-----END PGP SIGNATURE-----