Access control and Accountability
dcro...@engr.ub.com.uucp
Subject: Re: Access control and accountability
Summary:
Expires:
References: <870408125...@topaz.rutgers.edu>
Sender:
Reply-To: dcro...@ubvax.UUCP (Dave Crocker)
Followup-To:
Distribution: world
Organization: Ungermann-Bass, Inc., Santa Clara, Ca.
Keywords:
In article <870408125...@topaz.rutgers.edu>
hed...@TOPAZ.RUTGERS.EDU (Charles Hedrick) writes:
>... You will need to insert the access control in
>sendmail also. We have done all of this stuff in the past, but are
>not doing it now. It is nearly impossible to control mail. There are
>now so many gateways, that you can always find some machine on the
>local network that will forward your mail to the Arpanet for you. Not
>to mention UUCP or Bitnet to Arpanet gateways...
The MMDFII mail transport system, used by CSNet and distributed with
4.3BSD, has considerable path-filtering based security. You can
prohibit users, networks or hosts from sending to any specified host
or network.
While this requires a cooperating set of internal MMDF's to enforce
filtering pervasively, rather than simply at the boundaries, one would
assume that a security mechanism would not be used unless the requirement
were fairly severe.
Dave
P.S. You are correct that statistics gathering features are present in
other vendors' IP Routers.