At 07:37 AM 3/10/02 +0530, you wrote:
>hi list,
>
>i am setting up an smtp server ( freebsd & qmail or sendmail ) for our
>organisation which will also be the domain mail server for the
>internet. we have users who are on both sides of the firewall (
>inside the org as well as outside on the internet )
>to prevent this server becoming an open relay we are planning to
>implement smtp auth before sending email.
>
>can anyone please who has done this sort of thing before elaborate more on
>pros and cons
>also can please send the snippet of actual code ( c, perl or any lang
>welcome ) that gets executed on client side while the smtp auth
>(plain) ( just trying to gauge the security impact of this kind of auth )

I have set up RFC2554 SMTP Authentication using both sendmail and exim. My customers must use SMTP AUTH if sending mail through my server, unless they are sending from my shell box.

Both the PLAIN and LOGIN mechanisms send username and password in plaintext. Base64-encoded, yes. But still plaintext.

Unfortunately, Microsoft e-mail clients use Login. Netscape and Eudora and Pegasus can use plain but can also use one or the other of the auth mechanisms that support encryption. But no e-mail client supports *all* of them.

--
JustThe.net LLC - Steve "Web Dude" Sobol, CTO
ICQ: 56972932/WebDude216
website: http://JustThe.net
email: [EMAIL PROTECTED]
phone: 216.619.2NET
postal: 5686 Davis Drive, Mentor On The Lake, OH 44060-2752
DalNet: ZX-2
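
The client-side encoding asked about above, as an added example that is not part of either message: it builds what a client sends for AUTH PLAIN and AUTH LOGIN, then decodes the same lines with no key, which is why the reply calls both mechanisms plaintext. The function names, account names and passwords are hypothetical and constructed for this example.

```python
import base64

def b64(s):
    return base64.b64encode(s.encode("utf-8")).decode("ascii")

def unb64(s):
    return base64.b64decode(s, validate=True).decode("utf-8")

def plain_command(user, password, authzid=""):
    # PLAIN: one base64 blob holding authzid NUL username NUL password
    return "AUTH PLAIN " + b64(f"{authzid}\0{user}\0{password}")

def login_lines(user, password):
    # LOGIN: the client answers two 334 prompts, one base64 string each
    return ["AUTH LOGIN", b64(user), b64(password)]

def credentials_on_wire(client_lines):
    """Return (mechanism, user, password) for every PLAIN/LOGIN exchange
    found in the lines a client sent. No secret is needed to do this."""
    found = []
    it = iter(client_lines)
    for line in it:
        parts = line.strip().split()
        if len(parts) < 2 or parts[0].upper() != "AUTH":
            continue
        mech = parts[1].upper()
        try:
            if mech == "PLAIN":
                # The blob may follow the command or come on the next line
                blob = parts[2] if len(parts) > 2 else next(it, "").strip()
                fields = unb64(blob).split("\0")
                if len(fields) == 3:
                    found.append(("PLAIN", fields[1], fields[2]))
            elif mech == "LOGIN":
                user = parts[2] if len(parts) > 2 else next(it, "").strip()
                password = next(it, "").strip()
                found.append(("LOGIN", unb64(user), unb64(password)))
        except ValueError:
            continue  # not valid base64/UTF-8: skip the malformed exchange
    return found

# Constructed client-side transcript (sample data, not a real capture)
SAMPLE = (["EHLO client.example", plain_command("alice", "s3cret-constructed"),
           "QUIT", "EHLO client.example"]
          + login_lines("bob", "hunter2-constructed"))

if __name__ == "__main__":
    for mech, user, password in credentials_on_wire(SAMPLE):
        print(mech, user, password)
```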
