> ES, port 587 is all about SMTP-AUTH, meaning that tcprules shouldn't
> really matter as it's all done through auth. Port 25 doesn't require
> auth, therefore it would need independent control.
This sounds to me like a good argument *for* separating them. The processes
are inherently (naturally) different.
Saying that tcprules "shouldn't really matter" for submission isn't really
the case. It's true that there should essentially be no rules, but that's
different. If you need to put constraints on MTA sessions, as Stephen
needed to do (remember what started this thread?), they would be
inappropriate for MSA sessions (which would need to be wide open), which
causes a problem.
I don't see how tcprules would fix Stephen's problem. He's basically
ticked that spammers are hitting his "hidden" server directly. I say
don't just hide it, firewall it.
> What possible scenario would we need to control port 587 independently
> of port 25 and why?
Any time that an admin might need to control MTA traffic/access
independently of MSA. The MSA rules would be simple and static (practically
non existent, because SMTP-AUTH is handling everything, and would rarely
need to change), while most of the tailoring (allowing only MTA from a
limited set of servers, for instance) would exist in the MTA rules.
> This seems like unnecessary complication, with no pay off at all.
I guess what you see as complication I see as simplicity. The payoff is
being able to change MTA behavior without impacting the MSA. This is the
same reason that MSA was separated to begin with, was it not?
Show me one scenario where this would make sense? I can't think of one.
Erik
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
