Matus UHLAR - fantomas schrieb: >> On Mon, May 11, 2009 09:34, Matus UHLAR - fantomas wrote: >>> But I'd recommend to use that one only if you know that your MTA won't be >>> able to auth users and put the auth info into Received: headers. >>> Using SMTP authentication is much much better than pop-before-smtp > > On 11.05.09 11:04, Benny Pedersen wrote: >> POP-before-smtp is okay if remote clients does not sit behind NAT > > There may be issue if the IP address changes, e.g. for DHCP, dial-up or DSL > customer. > >> that problem is solved with smtp auth >
> others are, too. That's why I said that I don't recommend auth using > pop-before-smtp. > pop before smtp has always the security problem that you relay by ip, if users are nated behind a firewall the may fake their sender address so sasl smtp auth is the best solution, and has more option to reject by matching auth and sender address after all pop before smtp makes life more easy for some users and setups but it shouldnt be recommended in all setups these days -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
