On 3/17/2008, Frank Griffin ([EMAIL PROTECTED]) wrote:
> They don't seem to want the risk of basic SMTP auth being cracked or
> sniffed, so they just refuse to relay for anything outside their IP
> block, period, no matter what.

<snip>

> Since I don't want to have to reconfigure may laptop every time I leave
> home, I need the relay service.

I'm confused... above you say that they don't allow relaying from 
outside their network 'no matter what'... then you say you need their 
relay service while outside their IP block...

You appear to be saying that it is when sending from outside their IP 
block that they do this relay filtering based on an easily forged 'From: 
header.

What I'm saying is that it is *much* easier to spook a 'From:' header 
that to sniff/crack an unsecured smtp_auth session. Not that its *hard* 
to sniff a plain text smtp_auth session - just that its harder than 
spoofing a 'From:' header.

Any ISP that doesn't allow the use of TLS for sending while outside 
their networks is not to be trusted, so my original comment stands - I'd 
get another ISP if possible.

This has gone way OT for mailman though... sorry...

-- 

Best regards,

Charles
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;file=faq01.027.htp

Reply via email to