John Levine wrote: >> Ouch! Someone needs a refresher :) >> > > Someone might benefit from rereading RFC 6409, particularly section > 3.3. > > >> Port 587 should ALWAYS be using AUTH, full email address, with TLS >> enabled.. Then you have a MUA->MTA connection (submission) >> > > Nope. For one thing, it's an MSA, not an MTA. For another, the rule > is that for submission the MSA needs to know who's doing the > submission. If it's a known IP on the local network, that's often > adequate to identify the guilty party, and there's still stuff that > doesn't know how to do AUTH or is unbearably painful to configure. >
I concur with this. AUTH is *OPTIONAL* and should remain so (maybe default it on like just about every MSA does now - most seem to allow 127.0.0.1 without auth but any more than that has to be explicitly configured.) Regards, -- Michelle Sullivan http://www.mhix.org/ _______________________________________________ mailop mailing list mailop@mailop.org http://chilli.nosignal.org/mailman/listinfo/mailop