Am 07.05.2014 21:27, schrieb Sebastian Nielsen: > But a question: Why do you like sasl authentication? > Isn't it more secure to have no authentication at all and instead > rely on client IP?
how can it be more secure to blindly trust an IP address comapred to a combination of username + password? in case of open your doors for an IP you do it for any malware running there, in case auf SASL the malware needs to find valid credentials if you want to get 100% sure you use both - specific credentails only allowed from limited and known IP's
