Keith Moore wrote:
if you are coming from outside the network, you do not get
to "relay" through the network. You can post/submit from
within, you can deliver into the net or you can post/submit
from outside.
This is wrong. "outside the network" is irrelevant. What
matters is whether you are authorized to use that MTA to
submit messages to recipients not in the domain(s) for which
that MTA is authorized to accept incoming mail.
I read "inside" as "something avoiding SMTP AUTH like RADIUS",
"outside" as "roaming user, SMTP AUTH or SMTP-after-POP", and
the third case is an unknown stranger saying "HELO".
Simply 2476 or 2476bis vs. 2821. And what you later said,
tricks based on the MAIL FROM, is "enforced submission rights",
that's 6.1 in 2476 or 2476bis.
I'm sending comments to IESG separately.
They know 2476bis, it was approved some weeks ago. And the
relevant parts are the same as in RfC 2476 published 1998.
And if they don't like CRAM-MD5 what they'll get is LOGIN or
PLAIN _without_ TLS, sigh.
Bye, Frank
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf