On 8/10/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> Keep a few sanity checks (e.g. no more than X recipients for a message > or no more than 100 messages a minute)
<snip>
This also helps against compromised boxes - i.e., it limits the damage. So it's generally a good idea to have some limit.
For those servicing larger networks such as universities' ResNets or campus networks, using a mandatory smarthost can be an excellent detection tool to see which users/stations need to end up in a quarantine. Granted, the largest customer base for this sort of thing are likely to be Windows users. A few exception lists (for those capable administrators running valid mail servers that push a lot of traffic) should keep the Unix folks happy.
Also, while STARTTLS does have its merits, it's still better suited for handling MTA authentication than protecting user data [...]
Very true. STARTTLS really only safeguards the credentials exchange. Once the MTA relays the message, there are no guaranteers on infrastructure security. Cheers, Rogier -- If you don't know where you're going, any road will get you there.
