RE: Mail Server
On Fri, Jun 28, 2002 at 07:53:03AM -0400, FreeportWeb Debian Support Account
wrote:
| Actually, your both not totally correct. If you follow the "Life
| with qmail" document, its called "vpopmail smtp authentication".
[POP-before-SMTP]
ok...
| -- hence nobody can actually send e-mail through the server unless
| they have a username and password for qmail -- which is simply a
| passwd file that is managed by the vpop admin tools.
>>Actually, if someone else acquires that IP address before it expires
>>from the cache, you've just opened up a nice open relay for them :-).
>>Use SMTP AUTH -- it does what you intend for it to do.
I disagree.
The likely hood of someone "aquiring" your IP address, even as a DCHP
client, before it leaves the cache, then knowing your user name or
password, then having the ability to connect to the mail server
(remember, you need both to authenticate) is highly unlikely.
Hey, *Nothing* is impossible, but I'm willing to bet that
you'd be hard pressed to expose a mail server this way as an open relay.
This is the way Yahoo! does it with their SMTP/POP3 client, this doesn't
mean its impossible to crack, but I think the percentage is very low.
And lets face it, SPAMMERS have much more fruit to pick from than trying
to crack a qmail vpop-before-smtp scheme.
IMHO.
[good stuff about exim snipped]
No doubt, the person asked for "something simple" and Exim might be the
answer for their requirements.
Incidently, qmail is also free, and you can also get it with an apt-get.
You just need to configure it, as its far more complex than Exim is,
its also much more secure than most of the packages out there (i.e.
Sendmail).
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.372 / Virus Database: 207 - Release Date: 6/20/2002
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: