On 10/6/2014 4:19 PM, Joe wrote: > On Mon, 06 Oct 2014 15:38:33 -0400 > Jerry Stuckle <jstuc...@attglobal.net> wrote: > > >>> >> >> That's very interesting - because I don't have any networks specified >> in any dc_relay_nets - yet my email goes out (and comes in) just fine. >> > > Indeed. My server isn't listening on 587, and my MUAs all use 25. One > might suppose that using authenticated SMTP sidesteps the relay network > specification and possibly relay domains as well, as the server won't > care who is connecting if they have the right password. > > I don't bother authenticating, as anything physically connected to my > network (or by certificate-authenticated VPN) has permission to send > mail, and nothing from outside meets the dc_relay_nets specification. > Two ways to skin the same (almost) cat. Sorry, Lisi, if you're reading. >
And how can you be positive your network is secure? For instance, you don't have a configuration error, a bug in a router, an access point with weak encryption... the list of potential holes is almost endless. Any time you remove a layer of authentication, you expand the chances of someone getting in. Jerry -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5434a41c.7030...@attglobal.net