On Thu, 8 Feb 2001 05:51:08 -0500 (EST),
"Thomas Mueller" <[EMAIL PROTECTED]> wrote:
>
> Ricsi> Your SMTP agent (yeah ... that one which you can telnet in ;) will get
> incoming mail.
> If it uses ORBS, than it looks up the address.
> If the mail came from a open relay, it will send the mail
Hi
08 Feb 2001, "Thomas Mueller" <[EMAIL PROTECTED]> wrote:
Ricsi>> Your SMTP agent (yeah ... that one which you can telnet in ;)
Ricsi>> will get
TM> incoming mail.
TM> If it uses ORBS, than it looks up the address.
TM> If the mail came from a open relay, it will send the mail back,
Ricsi> Your SMTP agent (yeah ... that one which you can telnet in ;) will get
incoming mail.
If it uses ORBS, than it looks up the address.
If the mail came from a open relay, it will send the mail back, and tell
the author, that his SMTP server is blacklisted at ORBS.
'Please contact yo
>Date: Tue, 6 Feb 01 08:13:09
>From: [EMAIL PROTECTED] (howard schwartz)
>Subject: Re: Help! Smtp authentication?
>On 5 Feb 01 at 22:43, christof Lange wrote:
>> Howard, could you please post this batch file? I would very much like
>> to experiment with it, too. Stu
On Tue, 06 Feb 2001 11:18:14 -0500,
[EMAIL PROTECTED] (howard schwartz) wrote:
>
> > and that authentication in SMTP is only necesarry if you don't use your
> > ISPs SMTP server. (otherwise the IP should be checked)
>
> Wrong Wrong Wrong!
>
> I use my ISPs SMTP server, I dial into my ISP's
> na
On Tue, 06 Feb 2001 06:34:30 -0500,
"L.D. Best" <[EMAIL PROTECTED]> wrote:
>
> As I told someone else, this isn't exactly what was proposed but it is
> sorta. HUH??
>
> So far no one has been able to access & use from a pseudo-domain/pseudo
> user account? To date, all tries have been from vali
Hi
06 Feb 2001, [EMAIL PROTECTED] (howard schwartz) wrote:
>> and that authentication in SMTP is only necesarry if you don't use
>> your ISPs SMTP server. (otherwise the IP should be checked)
hs> Wrong Wrong Wrong!
it should not be wrong ... if it still does not apply to your ISP, than you
h
> and that authentication in SMTP is only necesarry if you don't use your
> ISPs SMTP server. (otherwise the IP should be checked)
>
> CU, Ricsi
Wrong Wrong Wrong!
I use my ISPs SMTP server, I dial into my ISP's
nameserver by phoning my ISP's digital access POP phone number.
I (that is my mai
On 5 Feb 01 at 22:43, christof Lange wrote:
> Howard, could you please post this batch file? I would very much like
> to experiment with it, too. Stuffkey is available to me.
Here is the full file Chris. Some explanation is needed for
the complexity: I collect outgoing messages in a ``Soup''
Thanks for your patient explanation, Ricsi. I am begining to understand
a little.
On Tue, 06 Feb 2001 13:33:16 +0100 (CET), [EMAIL PROTECTED] (Richard Menedetter) wrote:
> Your SMTP agent (yeah ... that one which you can telnet in ;) will get
> incoming mail.
> If it uses ORBS, than it looks u
If a Unix system is setup to accept telnet logins then all that is
needed to access the system is a valid username and password. Usernames
are everywhere. Passwords can be guessed by password guessing programs
that run dictionaries and other schemes. My ISP's shell was hacked on
at least two occas
Hi
05 Feb 2001, "Sam Ewalt" <[EMAIL PROTECTED]> wrote:
>> SE> I don't want to give it any more time and energy than that.
>> with ORBS _you_ don't give it any energy.
>> you simply tell your SMTP server to look up ORBS.
>> (or you ask your ISP to do that)
SE> Asking or telling anybody to do
As I told someone else, this isn't exactly what was proposed but it is
sorta. HUH??
So far no one has been able to access & use from a pseudo-domain/pseudo
user account? To date, all tries have been from valid domains by valid
accounts on those domains. No try, to my knowledge, to come into po
Hi
05 Feb 2001, "Samuel W. Heywood" <[EMAIL PROTECTED]> wrote:
SH> I think you are failing to understand what L.D. is saying.
SH> It appears that she is under the impression that email clients
SH> negotiate their sendmail protocols with some other kind of facility
SH> on the server end that
On 5 Feb 01 at 22:43, owner-arachne-digest@arachne wrote:
>Date: Mon, 5 Feb 01 09:33:17
>From: [EMAIL PROTECTED] (Howard Schwartz)
>Subject: Re: Help! Smtp authentication?
>
>Strangely, my mail transport of choice, fdsmtpop, supports only
>a smtp-before-pop mode, instead of t
On Mon, 05 Feb 2001 18:28:53 -0500,
"L.D. Best" <[EMAIL PROTECTED]> wrote:
>
> I wasn't going to reply, because it would just be another case of "no
> win" ...
>
> I will, instead, simply state that my ISP made clear a number of things
> about the types of firewall protection they have:
>
> 1. T
I wasn't going to reply, because it would just be another case of "no
win" ...
I will, instead, simply state that my ISP made clear a number of things
about the types of firewall protection they have:
1. The SMTP server will not "open relay."
2. If the need arose for me to telnet into the ser
On Sun, 04 Feb 2001 21:51:13 +0100 (CET), [EMAIL PROTECTED] (Richard Menedetter) wrote:
> Hi
> 04 Feb 2001, "Sam Ewalt" <[EMAIL PROTECTED]> wrote:
> SE> I don't want to give it any more time and energy than that.
> with ORBS _you_ don't give it any energy.
> you simply tell your SMTP server to
Ricsi,
I've calmed down a little bit about this. Thanks for the detailed
information. My ISP does , in fact, use the new ESMTP thing which
does ask for IDENT and ignores it if there is no response and appears
to check the IP address of the client attempting to use the server.
It will send mail f
On Mon, 5 Feb 2001, Samuel W. Heywood wrote:
> Were there not some
> facility other than Telnet involved, then it would be a reasonable
> inference that we would be seeing our email clients receiving the
> same kinds of messages and feedback from the server end as we see in our
> Telnet clients d
> By the way, how are you sending your e-mail now? Is SMTP AUTH in
> effect and has your DOS software actually stopped working?
> Howard E.
Strangely, my mail transport of choice, fdsmtpop, supports only
a smtp-before-pop mode, instead of the (usual) reverse. So I
rigged up a batch file with a
On Mon, 05 Feb 2001 15:08:02 +0100 (CET), [EMAIL PROTECTED] (Richard Menedetter)
wrote:
> Hi
> 04 Feb 2001, "L.D. Best" <[EMAIL PROTECTED]> wrote:
> LB> Perhaps you can suggest to your MIS people that their
> LB> "authentication" isn't really that secure, and
> LB> that the area which needs to
Hi
04 Feb 2001, "L.D. Best" <[EMAIL PROTECTED]> wrote:
LB> Perhaps you can suggest to your MIS people that their
LB> "authentication" isn't really that secure, and
LB> that the area which needs to protect SMTP is telnet
What do you mean by that ??
(area which needs to protect SMTP is telnet
I just looked through RFC 2554, which deals with authenticated SMTP, seems to
raise more questions than it answers. This dates to March 1999. I didn't find
anything more recent on authenticated SMTP, but possibly there might be since my
last download of the RFC list. I think there is http://rfc
On Sun, 4 Feb 2001 21:19:33 +,
Howard Schwartz <[EMAIL PROTECTED]> wrote:
>
> As I understand it, ESMTP (that is, enhanced simple mail transfer protocol)
> is relevant to our discussion, because ``unenhanced'' SMTP does not
> include the AUTH command. If you telnet to a mail host and enter:
>
Actually, both of you are right and wrong.
There is a need to stop spamming. There is no need to put an INTERNAL
smtp firewall up.
My ISP had a firewall to prevent unauthorized SMTP access. Any attempts
to tenet into port 25 require login -- user must be an authorized user,
and the password mu
Hi Folks, Sam, Sam,
Samuel W. Heywood wrote:
> What if you have to pay by the hour for your internet connection time
> and you are downloading your email with an XT and a 2400K modem, and
> along comes a 200K spam message? Wouldn't you feel that you would have
> every right to bitch about it?
On Sun, 04 Feb 2001 15:30:34 -0500, Glenn McCorkle wrote:
> I used to get ticked off each time I got a piece of spam.
> I would go to great lengths to try and stop it.
> (send a spam report via spamcop.net and the send 10 CCs to each and
> every server the spamcop report had identified)
> The r
Hi
04 Feb 2001, "Sam Ewalt" <[EMAIL PROTECTED]> wrote:
SE> I don't want to give it any more time and energy than that.
with ORBS _you_ don't give it any energy.
you simply tell your SMTP server to look up ORBS.
(or you ask your ISP to do that)
SE> I don't think there's any way to get rid of s
On Sat, 03 Feb 2001 17:02:51 -0500, Sam Ewalt wrote:
> My understanding of smtp servers is that they just relay the mail,
> nothing is kept on the server and you can't get anything from the
> server, all it does is take the mail you send it and sends it on
> its way. There is no need for secur
Hi
04 Feb 2001, "Samuel W. Heywood" <[EMAIL PROTECTED]> wrote:
SH> I didn't know it was that simple.
I thought that the whole thread was about that fact ;)
Yes ... standard SMTP does not have authentication capabilities.
Normally this is not a very big problems, because only a range of trusted
Hi
03 Feb 2001, "Sam Ewalt" <[EMAIL PROTECTED]> wrote:
SE> My understanding of smtp servers is that they just relay the mail,
SE> nothing is kept on the server and you can't get anything from the
SE> server, all it does is take the mail you send it and sends it on
SE> its way.
Yes
SE> T
On Sun, 04 Feb 2001 00:06:03 -0500,
"Glenn McCorkle" <[EMAIL PROTECTED]> wrote:
>
> On Sat, 03 Feb 2001 12:52:32 +, Samuel W. Heywood wrote:
>
>
>
> > authentication protocol, but unless you are connected to "shentel.net" I
> > don't think there is any way you can send a message out of
> >
On Sat, 03 Feb 2001 18:27:36 +, Samuel W. Heywood wrote:
> What if you have to pay by the hour for your internet connection time
> and you are downloading your email with an XT and a 2400K modem, and
> along comes a 200K spam message? Wouldn't you feel that you would have
> every right to bi
Hi Sam and all,
it's not so easy as You think, at least here in Germany. There are many
ISP here offering a service called "Internet-by-call". They have dial-in
number and a standard user ID and password and that's it. They don't
know who You are and the charges for the connection appear on Your
On Sun, 04 Feb 2001 00:06:03 -0500, Glenn McCorkle wrote:
> On Sat, 03 Feb 2001 12:52:32 +, Samuel W. Heywood wrote:
>
>> authentication protocol, but unless you are connected to "shentel.net" I
>> don't think there is any way you can send a message out of
>> "smtp.shentel.net" unless you
On Sat, 3 Feb 2001 02:54:10 -0800 (PST),
Howard Schwartz <[EMAIL PROTECTED]> wrote:
>
> My corporate ISP just installed what the level-1 techs call a ``spam
> filter'' for the SMTP mail server. As a result, this server refuses
> to send mail out to anyone not already in its domain, unless my
> ma
On Sat, 3 Feb 01 17:16:05, [EMAIL PROTECTED] (Howard Schwartz) wrote:
> Sam asked:
>> So my question is: Why does one need to authenticate himself to his own
>> system's smtp server? They already know who you are and they know you are
>> OK because you are already logged on to their own syst
On Sat, 03 Feb 2001 12:52:32 +, Samuel W. Heywood wrote:
> authentication protocol, but unless you are connected to "shentel.net" I
> don't think there is any way you can send a message out of
> "smtp.shentel.net" unless you have obtained some subscriber's username and
> password and have u
Sam asked:
> So my question is: Why does one need to authenticate himself to his own
> system's smtp server? They already know who you are and they know you are
> OK because you are already logged on to their own system by using a
> username and a password that they have already authorized a
Sam asked:
> So my question is: Why does one need to authenticate himself to his own
> system's smtp server? They already know who you are and they know you are
> OK because you are already logged on to their own system by using a
> username and a password that they have already authorized a
On Sat, 03 Feb 2001 17:02:51 -0500, Sam Ewalt wrote:
> My understanding of smtp servers is that they just relay the mail,
> nothing is kept on the server and you can't get anything from the
> server, all it does is take the mail you send it and sends it on
> its way. There is no need for secur
My understanding of smtp servers is that they just relay the mail,
nothing is kept on the server and you can't get anything from the
server, all it does is take the mail you send it and sends it on
its way. There is no need for security, imho.
Restricting mail delivery from traditional smtp se
On Sat, 03 Feb 2001 09:52:51 -0500, Sam Ewalt wrote:
> On Sat, 3 Feb 2001 02:54:10 -0800 (PST), Howard Schwartz wrote:
>> My corporate ISP just installed what the level-1 techs call a ``spam
>> filter'' for the SMTP mail server. As a result, this server refuses
>> to send mail out to anyone not
On Sat, 3 Feb 2001 02:54:10 -0800 (PST), Howard Schwartz wrote:
> My corporate ISP just installed what the level-1 techs call a ``spam
> filter'' for the SMTP mail server. As a result, this server refuses
> to send mail out to anyone not already in its domain, unless my
> mail transport software
On Sat, 3 Feb 2001 02:54:10 -0800 (PST), Howard Schwartz wrote:
> My corporate ISP just installed what the level-1 techs call a ``spam
> filter'' for the SMTP mail server. As a result, this server refuses
> to send mail out to anyone not already in its domain, unless my
> mail transport software
Hi folks,
On Sat, 3 Feb 2001 02:54:10 -0800 (PST), Howard Schwartz wrote:
> Can any one help me figure out if I can tweak my old SMTP programs to
> provide some form of this authentication? I was hoping this might be
> done with some varient of the traditional `HELO' command, or by
> first logg
Hi
03 Feb 2001, Howard Schwartz <[EMAIL PROTECTED]> wrote:
HS> Can any one help me figure out if I can tweak my old SMTP programs to
HS> provide some form of this authentication?
IMHO not possible ... sorry :(
PS: Also old fashioned POP3 password is cr*p.
Sending passwords in the clear over t
48 matches
Mail list logo
