Re: pop-before-smtp and spamd
-Urspr|ngliche Nachricht- Von: Adam Jacob Muller [EMAIL PROTECTED] Gesendet: 27.02.08 05:57:42 An: Juan Miscaro [EMAIL PROTECTED] CC: Cameron Schaus [EMAIL PROTECTED], misc@openbsd.org Betreff: Re: pop-before-smtp and spamd pop-before-smtp is highly insecure. Use SMTP auth. -Adam On Feb 26, 2008, at 6:33 PM, Juan Miscaro wrote: --- Cameron Schaus [EMAIL PROTECTED] wrote: Juan Miscaro wrote: Are there standard solutions for dealing with the obvious collision between pop-before-smtp and spamd (in greylisting mode)? I know many will say to use SMTP AUTH but right now I want to try to get my current setup to work. My first idea was to hack the pop-before-smtp Perl script to have the thing (daemon) add connecting/authenticating sender IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable) with Postfix 2.5. Why not use port 587 to send mail, instead of port 25, and only allow SMTP Auth from this port. Right now I'm talking about using pop-before-smtp. /juan Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/ -- Mit freundlichen Gr|_en, STEFAN WOLLNY --- Regulatory Reporting Consultancy Tel.: +49 (0) 177 655 7875 Mail: [EMAIL PROTECTED]
Re: pop-before-smtp and spamd
NAT. -Adam On Feb 27, 2008, at 3:49 AM, Stefan Wollny wrote: Adam, could you please point to where to find more information on why pop- before-smtp is highly insecure? Or provide here a little bit of background information? It would be really appreciated. Thank you! -STEFAN -Urspr|ngliche Nachricht- Von: Adam Jacob Muller [EMAIL PROTECTED] Gesendet: 27.02.08 05:57:42 An: Juan Miscaro [EMAIL PROTECTED] CC: Cameron Schaus [EMAIL PROTECTED], misc@openbsd.org Betreff: Re: pop-before-smtp and spamd pop-before-smtp is highly insecure. Use SMTP auth. -Adam On Feb 26, 2008, at 6:33 PM, Juan Miscaro wrote: --- Cameron Schaus [EMAIL PROTECTED] wrote: Juan Miscaro wrote: Are there standard solutions for dealing with the obvious collision between pop-before-smtp and spamd (in greylisting mode)? I know many will say to use SMTP AUTH but right now I want to try to get my current setup to work. My first idea was to hack the pop-before-smtp Perl script to have the thing (daemon) add connecting/authenticating sender IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable) with Postfix 2.5. Why not use port 587 to send mail, instead of port 25, and only allow SMTP Auth from this port. Right now I'm talking about using pop-before-smtp. /juan Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/ -- Mit freundlichen Gr|_en, STEFAN WOLLNY --- Regulatory Reporting Consultancy Tel.: +49 (0) 177 655 7875 Mail: [EMAIL PROTECTED]
Re: pop-before-smtp and spamd
Adam, could you please point to where to find more information on why pop-before-smtp is highly insecure? Or provide here a little bit of background information? It would be really appreciated. Thank you! -STEFAN -Urspr|ngliche Nachricht- Von: Adam Jacob Muller [EMAIL PROTECTED] Gesendet: 27.02.08 05:57:42 An: Juan Miscaro [EMAIL PROTECTED] CC: Cameron Schaus [EMAIL PROTECTED], misc@openbsd.org Betreff: Re: pop-before-smtp and spamd pop-before-smtp is highly insecure. Use SMTP auth. -Adam On Feb 26, 2008, at 6:33 PM, Juan Miscaro wrote: --- Cameron Schaus [EMAIL PROTECTED] wrote: Juan Miscaro wrote: Are there standard solutions for dealing with the obvious collision between pop-before-smtp and spamd (in greylisting mode)? I know many will say to use SMTP AUTH but right now I want to try to get my current setup to work. My first idea was to hack the pop-before-smtp Perl script to have the thing (daemon) add connecting/authenticating sender IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable) with Postfix 2.5. Why not use port 587 to send mail, instead of port 25, and only allow SMTP Auth from this port. Right now I'm talking about using pop-before-smtp. /juan Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/ -- Mit freundlichen Gr|_en, STEFAN WOLLNY --- Regulatory Reporting Consultancy Tel.: +49 (0) 177 655 7875 Mail: [EMAIL PROTECTED]
Re: pop-before-smtp and spamd
Juan Miscaro wrote: Are there standard solutions for dealing with the obvious collision between pop-before-smtp and spamd (in greylisting mode)? I know many will say to use SMTP AUTH but right now I want to try to get my current setup to work. My first idea was to hack the pop-before-smtp Perl script to have the thing (daemon) add connecting/authenticating sender IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable) with Postfix 2.5. Why not use port 587 to send mail, instead of port 25, and only allow SMTP Auth from this port. Cam
Re: pop-before-smtp and spamd
--- Cameron Schaus [EMAIL PROTECTED] wrote: Juan Miscaro wrote: Are there standard solutions for dealing with the obvious collision between pop-before-smtp and spamd (in greylisting mode)? I know many will say to use SMTP AUTH but right now I want to try to get my current setup to work. My first idea was to hack the pop-before-smtp Perl script to have the thing (daemon) add connecting/authenticating sender IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable) with Postfix 2.5. Why not use port 587 to send mail, instead of port 25, and only allow SMTP Auth from this port. Right now I'm talking about using pop-before-smtp. /juan Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/
Re: pop-before-smtp and spamd
pop-before-smtp is highly insecure. Use SMTP auth. -Adam On Feb 26, 2008, at 6:33 PM, Juan Miscaro wrote: --- Cameron Schaus [EMAIL PROTECTED] wrote: Juan Miscaro wrote: Are there standard solutions for dealing with the obvious collision between pop-before-smtp and spamd (in greylisting mode)? I know many will say to use SMTP AUTH but right now I want to try to get my current setup to work. My first idea was to hack the pop-before-smtp Perl script to have the thing (daemon) add connecting/authenticating sender IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable) with Postfix 2.5. Why not use port 587 to send mail, instead of port 25, and only allow SMTP Auth from this port. Right now I'm talking about using pop-before-smtp. /juan Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/