On 12/17/2010 9:32 AM, Benny Pedersen wrote:
On fre 17 dec 2010 18:19:55 CET, Ted Mittelstaedt wrote
The whole point of auth smtp is to come from UN-trusted networks.
will not agre on that one, if you require auth it must check all ip even
localhost
I don't mean to say that just because auth is required from
untrusted networks that it's not a good idea to use it on trusted
ones.
it's actually also a very good idea to block off port 25 from your
mail clients even the ones ON trusted networks.
In fact a good case can be made for ignoring the trusted networks
mechanism in SA entirely and spamfiltering everything, even the
stuff coming from your own users.
unfortunately, while you can do that in a corporation it is
difficult for a commercial ISP to do it to users that are
paying them for mail. Users are hypocritical in this way,
they want to send e-mail loaded up with very spam-like
constructions (html, blank subject lines, etc.) but they don't
want to receive it. ;-)
or yes, i see any ip as untrusted if user do not pass sasl auth
firefox is olso a safer password browser if you store login passwords in
it and forget to enable master password, but some see it as a feature, i
see it as a bug
I regard almost the entire concept of storing passwords for interactive
programs as utterly defeating the purpose of having passwords in the
first place, but I recognize this isn't universally accepted.
Ted
