On 09/12/2019 20:54, Viktor Dukhovni wrote:
On Dec 9, 2019, at 3:38 PM, LuKreme <krem...@kreme.com> wrote:
The configuration as posted, and specifically the line I quoted directly above
my comment, allowed unauthenticated traffic from anything on the LAN. This
means random printers, IOT devices, android phones, etc were allowed to send
mail unchecked. I consider that a security hole.
That's your take on your network, but many other networks use mynetworks
to meet their requirements. Universal authenticated access is not always
feasible, and more restrained language is appropriate when describing the
tradeoffs.
I agree, you are making assumptions as to what his "network" is. You can
advise here, but the risk management depends on what his RFC1918
networks actually are.
--
Giles Coochey
