"Chris Wilkes" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
> This comes into play if your client issues an SMTP AUTH command, which > is a setting in most mail clients that looks like "this server requires > me to authenicate." > > With people on the inside of your network usually the RELAYCLIENT="" is > set in your smtpd/tcp file meaning that they can send mail to whomever > without any checks. > > People outside of your network do not get this RELAYCLIENT setting and > so they can only send email to domains listed in your rcpthosts and > locals file. However if they ask to do an SMTP AUTH and they pass (ie > username/password works) then they can send mail like they were on the > inside of your network, with the RELAYCLIENT setting on. > > People use SMTP AUTH so that their people outside of the LAN can relay > mail through the corporate mail server. Another solution to this is > SMTP after POP, which the "pbs" functions can work with in qmailldap. > > So to answer your question: no, you do not HAVE to login to send mail, > but it gives you the ability to let people outside of your network relay > mail through you. > > Chris Thanks Chris, A client is concerned because it is possible for someone to send email and let it seem as if the mail came from someone else. He simply needs to use a false email address in the mail client. If we were to remove the selective relaying from qmail, would it help to reduce the ease with which people can do this? From what I have read, the real problem is caused by the trusting nature of the SMTP protocol. A colleague says that Lotus Notes gets around this by using a proprietory digital signature. You can't even open up the client software without a username and a password. I haven't verified this for myself. Regards. >
