 | POPAUTH is an addition to the current email system whereby sending of email through any given client server (commonly referred to as "relaying") is controlled by using the POP services to verify a user by username/password combination. This process is also known as POP-before-SMTP.
The following is a general overview of the operation of POPAUTH:
1) A user connects to their server to download their email. For this illustration, we will use user 'joe' on server 'myclient.com' with password 'joespassword'. The username/password/server information listed here is totally fictitious and used only for illustration purposes.
2) Using his username and password configured in his email software, 'joe' is authenticated by the POP server. 'joe' does not need to have email to be downloaded.
3) As soon as 'joe' is authenticated, his remote IP from which he is connecting is noted by the POP server.
4) joe's remote IP is now logged with the current time to a POPAUTH database. For the next 15 minutes, 'joe' is able to send email through the server freely.
5) At the end of 15 minutes, joe's IP is removed from the POPAUTH database. 'joe' is no longer authenticated to send email through the server. 'joe' must now check his email for download in order to re-authenticate himself with the email server in order to send email again. If 'joe' does not authenticate himself before sending he will receive a 'Relaying Denied' error message.
For the mobile user (a user who moves from place to place over any given period of time) this is a great advantage as complicated access files no longer need to be updated and maintained. The email server now maintains this information directly without any intervetion necessary. To send email after moving from one IP to another, the mobile user need only check for new mail to gain access to sending email.
The entire process is seamless and self-maintaining, further reducing maintainance overhead by the server owner.
|