RE: Re[2]: nat
In my old work, we had international mail users on different ISPs so we
issued mail clients that support CRAM-MD5 authentication to everyone and
blocked anyone from anywhere who didn't authenticate. Very nice and
practically transparent for the user.
Matthew
> -----Original Message-----
> From: brian moore [mailto:bem@rom.org]
> Sent: Wednesday, 11 October 2000 11:57 a.m.
> To: debian-isp@lists.debian.org
> Subject: Re: Re[2]: nat
>
>
> On Tue, Oct 10, 2000 at 07:42:36PM +0200, Russell Coker wrote:
> > On Sun, 08 Oct 2000, Kevin wrote:
> > >Wouldn't that also prevent the users from using legitimate outside
> > > mail servers?
> >
> > Are there any legitimate outside mail servers?
>
> Sure, lots.
>
> > If a mail server accepts mail from anywhere and relays it then
> it is probably
> > listed in ORBS and MAPS and mail sent to it won't get very far.
> >
> > The only exception is people who do the "if POP request has
> come from an IP
> > in the last 10 minutes then allow mail relaying" thing. That
> number is so
> > low that they could be made exceptions to the redirection rule on a
> > case-by-case basis.
>
> Um, no.
>
> Lots of servers allow pop-before-smtp. And with the advent of SMTP Auth
> (supported by most MTA's and even most MUA's), a huge number of servers
> allow relaying from authenticated users. (And judging from my logs,
> many clients happily authenticate even when they don't need to.)
>
> Probably most clueful ISPs allow pop-before-smtp or SMTP Auth or both.
> It's trivial to set up and it saves a ton of hassles from roaming users
> or users with more than one ISP.
>
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
Reply to:
- Follow-Ups:
- Re: nat
- From: Florian Kunkel <f.kunkel@net-operations.de>