On Mon, 4 Oct 2004, James Couzens wrote:
As regards not having control over your border machines I should think
that your job is near impossible? Through your use of the english
"Technically, I do not have control..." I assume that you do exercise in
someway shape or form control over them or else you wouldn't be working
on what you are working on.
I meant that my principal technical restriction is that I don't have
control over all our border email machines. Some of them are run by
departments independent of the central email systems that I look after.
Therefore I choose the line between inside and outside for the purposes of
bounce address tagging and untagging to be marked by my MSAs and MDAs,
rather than my border MTAs. This has the benefit of providing some fairly
strong bounce address forgery protection for internal email traffic,
because my MTAs can verify bounce addresses in the course of relaying
messages around the University.
I find myself in an equally compromised position as regards the
political and monetary motivations behind the implementation of any such
technology. On the one hand, our customers are sick of Spam. On the
other hand they refuse through either a sick inability to use their god
given right to learn and think or simply through their own selfish and
ignorant want of doing whatever they please and "dear god I just learned
how to do this e-mail thingy this way, now you want me to learn how to
do it that way?!". I've been told that under no circumstances shall we
put SMTP-AUTH into place, and this decision is the direct result of a
test that happened about a year ago that led to swamping our helpdesk
with cries of Armageddon and countless threats in addition to actually
loosing customers to our competition.
I've deployed SMTP AUTH as an option for our users. It's required for
roaming users, who in the past had to reconfigure their SMTP server
setting according to their local network. Now they don't have to keep
reconfiguring so it has made things simpler. Bounce protection will be
another feature available only to SMTP AUTH users. We have to do things
through a process of gentle encouragement and clear benefits, without
disrupting existing behaviour too much.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
EAST VIKING NORTH UTSIRE SOUTH UTSIRE EAST FORTIES: SOUTH 7 TO SEVERE GALE 9
VEERING WEST 6, BACKING SOUTH INCREASING GALE 8 LATER. RAIN THEN SHOWERS.
MODERATE OR POOR BECOMING GOOD.