On 2011-08-18 17:39, Thomas Berger wrote:
Am Donnerstag, 18. August 2011, 15:23:28 schrieb Jeroen Geilman:
On 2011-08-18 14:59, Reindl Harald wrote:
587 is AUTHENTICATED submission
Says who ?
Port 587 is AUTHORIZED submission, NOT AUTHENTICATED.
Um, no.
RFC 4409, section 4.3 states that an MSA *must* require authentication
on connections that are not implicitly trusted (such as a secured local
network).
SMTP AUTH is the preferred mechanism, but the RFC does not limit
authentication to SMPT AUTH.
This is now a Draft standard, meaning you'd better follow it (HTML has
never progressed beyond a draft standard in the 10+ years that v4.01 is
in use)
This requirement is updated from RFC 2476, where it was optional, but
RFC 4409 is from April 2006 (a good 5 years ago), so let's assume people
have read it by now.
--
J.
