Toen wij Robert Arnold kietelden, kwam er dit uit:
Professional Software Engineering:
One solution (until the miscreants decide to rummage PCs looking for
login data) is for affected ISPs to start REQUIRING SMTP
authentication
This solution of smtp authentication assumes that creating accounts
with the given provider is secure against fraudulent signups. If
fraudulent account signups can be easily scripted/automated, then an
smtp authenticated server becomes a de facto open relay, since IP
access from external networks is usually not restricted (and usually
enhanced via listening on port 587 for access via external networks
that block port 25).
Important is: SMTP authentication for existing local users.
Access from external networks to the SMTP-server is blocked by most
ISPs. There is no real need to open it up for smtps.
My ISP is secure against fraudulent signups, so it allows sending
messages with SSL through port 465. That allows me to use my portable
PC via external networks, without sending plain passwords over a
stranger's lines.
--
Grtz, Ruud
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail