North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMTP authentication for broadband providers

  • From: Will Yardley
  • Date: Tue Feb 10 20:57:08 2004

On Tue, Feb 10, 2004 at 08:42:29PM -0500, Dan Ellis wrote:
> I'm looking for comments on whether this is generally seen as a positive
> change or a waste of time (ie - will the next virus or worm gleam your
> SMTP username and password from Outlook Express and use it to
> replicate/SPAM)?  

I've only seen one virus or worm so far that has done this (we are a
hosting provider, so any users who use our mail servers are using SMTP

> Is anyone aware of any well known mail clients that do not support SMTP
> authentication (Unix, Windows or Mac)?
Not many of the major ones. There are some differences in the
authentication methods supported, however - many don't support methods
other than LOGIN and / or PLAIN. There are also (surprise) some
client-specific bugs with various mailers... Lookout Distress (version
4) for example, has some problems; see the "broken_sasl_auth_clients"
config directive if you're using Postfix (google for that string to find
out more information about this particular problem).

"Since when is skepticism un-American?
Dissent's not treason but they talk like it's the same..."
(Sleater-Kinney - "Combat Rock")