I was going to bring up MSA, too. It should be noted, however, that
MSA doesn't *require* authentication. Check out RFC 2476 for details. The RFC does lists authentication as an optional feature, however.
I wasn't aware of this. A previous cursory glance of the RFC and other reading made it seem like authentication was required. I thought that was the point, even. A re-glance at the RFC makes me think you are indeed correct.
I *think* the DaemonPortOptions line above will not require the authentication you mention. You need to specify 'M=Ea' instead of just 'M=E'. That's for sendmail...your MTA may vary.
Ooh, you made me check quickly to ensure that I'm not in fact an open relay. However, I attempted to send mail from a user in the domain, without logging in, outside the domain, and still got a "Relaying denied" message, so I think I'm okay here. Perhaps other parts of my config are compensating.
I do predict that spammers will adapt to this new authenticated email world rather quickly. Namely, they will modify their spam-cannon-laden viruses to pick up the user's SMTP server and username from his Outbreak config and either pick up the password from the config if it's saved, or sniff it as it's typed.
That seems likely, but how much email is send from virus-attacked computers? The SPF approach seems to have the goal on making DNS-based blacklists reasonable, not addressing the spam-from-a-virus problem.
But we will still be in a better place when it comes to spam. When enough clueless users get disconnected from their ISPs for spam propagation, they will either take more proactive measures to keep their systems clean of viruses, or put more pressure on their operating system vendors of choice to put security where it belongs: at a much higher priority than convenience. Or both.
One can always hope...
-- Bob Bell _______________________________________________ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
