Author: H.User2373 (26 Jul 12 2:58am)
I see the intent behind the requirement of whitelisting to come from the IP in question, but think of a mail relay of an ISP.
You require a web browser client to be used on a mail server. Okay, lynx and links and a few others could be installed (not nice though), but as it turns out the whitelist form uses a graphical CAPTCHA. I'm sure it's obvious I would not like to pull up a whole environment for a graphical browser, even the simplest one requires almost a hundred libs dependency, not to mention there are servers around with are simply unable to run such a browser because there is neither X forwarding nor remote graphical terminal present.
Wouldn't it be possible to request an authorisation token from ANY IP (using a workstation anywhere) for a given IP and then connect to a specific URL containing the token from the given IP? This could be done even with curl or wget and would not require web clients on a server.
Right now I have to skip the whitelisting as I cannot save, move the captcha image fast enough through a chain of ssh consoles. :-(