North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal atsmtpng.org)
On Mon, 2002-08-26 at 15:47, Scott Gifford wrote: > > The problem that this deals with is the user who needs to dial in to > AOL and send mail from their corporate account. The proposed solution > is to tunnel mail through the corporate server, by proving your right > to relay via SMTP AUTH or else via a VPN. > > To make this work well requires support for SMTP AUTH and probably > STARTTLS (unless the company implementing this proposal wants > cleartext passwords flying over AOL's network) for all domains which > want to support Paul's proposal. This isn't necessarily all that > unreasonable, but should be spelled out more clearly, and makes > implementation much more involved. Precisely. It's only an issue for those who implement the feature. Another thought that came to mind was a sort of hybrid between this and the central registry of trusted servers. Rather than maintain a central registry, the mail-from server could provide its own registry of trusted keys for its own domain. Granted, this is probably just as complicated as widely implementing SMTP AUTH, but it does give a little more flexibility for those complaining that this would break "home-grown" mail servers. What I am mostly curious about is if there are any potential problems with those who choose to ignore the feature entirely. -dvd
|