On May 22, 2008, at 12:42 PM, Rob McEwen wrote:
First, even if this isn't what you meant, I must set the record
straight... requiring SMTP password-authentication is NOT a hack.
Instead, that is a security feature. I'm not sure if you meant that
differently, but I state this just to be on the safe side.
Second, you do require SMTP authentication, right? Because not doing
so would likely open up your server as an "open relay".
Rob, please read what you reply to. I've been doing SMTP AUTH since
before we got it standardized.
I said that disabling running SA for SMTP-AUTH users is a hack much
like disabling a firewall and I won't do it.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
