Re: ingress SMTP

• From: Jay R. Ashworth
• Date: Wed Sep 03 15:00:23 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On Wed, Sep 03, 2008 at 12:58:53PM -0400, Nicholas Suan wrote:
> On Sep 3, 2008, at 12:49 PM, Jay R. Ashworth wrote:
> >You're forgetting that 587 *is authenticated, always*.
> 
> I'm not sure how that makes much of a difference since the usual spam  
> vector is malware that has  (almost) complete control of the machine  
> in the first place.

Well, that depends on MUA design, of course, but it's just been pointed
out to me that the RFC says MAY, not MUST. 

Oops.

Does anyone bother to run an MSA on 587 and *not* require authentication?

Cheers,
-- jra
-- 
Jay R. Ashworth                   Baylink                      [email protected]
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com                     '87 e24
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274

	     Those who cast the vote decide nothing.
	     Those who count the vote decide everything.
	       -- (Josef Stalin)

• Follow-Ups:
  • Re: ingress SMTP Joel Jaeggli
  • Re: ingress SMTP Tony Finch
  • Re: ingress SMTP Valdis . Kletnieks

• References:
  • ingress SMTP *Hobbit*
  • Re: ingress SMTP Justin Scott
  • Re: ingress SMTP Jay R. Ashworth
  • Re: ingress SMTP Michael Thomas
  • Re: ingress SMTP Jay R. Ashworth
  • Re: ingress SMTP Nicholas Suan

• Prev by Date: Re: ingress SMTP
• Next by Date: Re: ingress SMTP
• Date Index
• Thread Index
• Author Index
• Historical