ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?

2003-12-15 19:59:49
from [Hector Santos] [Permanent Link] 
My only input with this would be to be aware that ESMTP AUTH is typically
also used to open routing access in addressing the dynamic IP roaming user.
It also enforces a non-null address, and in our case, optionally enforces or
restricts the return path domain provided.

In other words, ESMTP AUTH trumps all.   LMAP or no LMAP,  it opens routing
to users.

Note, there are 3 basic ways email (smtp/pop3) server vendors open access to
relaying/routing:

1)  The traditional IP relay tables
2)  ESMTP AUTH
3)  POP3 BEFORE SMTP

The latter often used by ISP to reduce the user support issues created by
the first two.  The first doesn't help the roaming user problem and the
second require ESMTP ready end-user software and additional ISP setup
instructions for the user.

However, POP3 BEFORE SMTP is based on the premise that most end-user mail
software POP3 into a system before SENDING any mail.   For example, you will
see this option in Outlook as

            (*)  Pick up mail first before sending mail

or something like that as alternative option to ( ) Server requires login to
send mail.

-- Hector

----- Original Message ----- 
From: "Philip Miller" <millenix(_at_)zemos(_dot_)net>
To: "Alan DeKok" <aland(_at_)ox(_dot_)org>
Cc: <asrg(_at_)ietf(_dot_)org>
Sent: Monday, December 15, 2003 5:57 PM
Subject: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?



Alan DeKok wrote:



About Section 2.1.2  "Why prevent domain forgery, instead of end-user
forgery?":
End-user authentication definitely has some bearing on the workings of
LMAP. If some major mail-originating domain implemented LMAP, but made
no provision to prevent transmission of spam or forged messages through

the

authorized servers, what good has it done? Worst case, you could have
LMAP-listed open relays.
We should definitely at least recommend the use of SMTP AUTH within

domains

in tandem with LMAP.

--
Philip Miller


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg





_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?, Yakov Shafranovich
Next by Date:  Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?, Philip Miller
Previous by Thread:  Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?, Yakov Shafranovich
Next by Thread:  Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?, Philip Miller
Indexes:  [Date] [Thread] [Top] [All Lists]