On Oct 20, 2006, at 8:14 PM, Rick Romero wrote:
I have an auditor who is telling me that allowing non-SMTP-AUTHd
clients
to use a valid local user in MAIL FROM: is a potential spoof, and a
security vulnerability.
I don't know if it came up in the original thread, but enforcing that
limitati
Quoting Tom Collins <[EMAIL PROTECTED]>:
> On Oct 20, 2006, at 8:14 PM, Rick Romero wrote:
> >> I have an auditor who is telling me that allowing non-SMTP-AUTHd
> >> clients
> >> to use a valid local user in MAIL FROM: is a potential spoof, and a
> >> security vulnerability.
>
> I don't know if it
