The terminology is getting confusing.
"Sender Authentication" in the SPF / Sender ID / Domain Keys
sense means some entity somewhere can be held accountable,
at least accountable enough that we can key off
their domain name in a reputation system.
"SMTP AUTH" in the port 587 sense means that MUAs send a
username and password to outbound SMTP servers.
On Wed, Jul 28, 2004 at 07:57:55AM -0700, rogerk(_at_)queernet(_dot_)org wrote:
|
| You're putting the cart before the horse. Propose an authentication standard,
| THEN get it built into tools so it can be trivially used by non-technical
| users, THEN require its adoption.
|
| If users had a simple form into which they could put "permission-to-send
| password:" ONCE and have it happen automatically, it would be acceptable. But
| it has to be implemented in all major MUAs BEFORE you mandate it.
|
| Don't mandate it and put any burden of accomodation at all on the end users.
|
If this message means SMTP AUTH, example instructions can be
found at http://www.aota.net/Email/setupauth.php4
Bellsouth is one ISP that's rolling it out.
http://www.dslreports.com/forum/remark,10485779
Others will follow.
http://docs.yahoo.com/docs/pr/pdf/asta_soi.pdf