[Top] [All Lists]


2011-05-31 21:11:14

On May 31, 2011, at 6:56 PM, John Levine wrote:

The place it might have value would be high traffic webmail
servers, where a single application serves a large number of
users. The ability to keep a connection pool open might be
helpful. TCP setup and teardown isn't that expensive compared
to authentication, but TLS setup might be.

Seems to me that RFC 4954 provides the the AUTH=mailbox parameter
on MAIL FROM for just this scenario.

So it does. Not so much authentication as an assertion that
the client has already authenticated the user - which is going to
be at least as good, if not better, for the vast majority of webmail