On Fri, Mar 23, 2018 at 08:27:11PM +0000, Brian wrote:
Having authenticated to get on the network it is superfluous to ask for further authentication to send mail (or browse the web), wouldn't yousay?
No, because:1) it's quicker and easier to address spam issues if there is a client login associated with each email. It's possible to correlate network logins with email activity, but especially since the people running email are typically not the people running the network, it's harder.
2) they want the same configuration on your laptop to work whether you're at home or at starbucks.
3) now that email headers are often signed, you really want some kind of authentication that the person claiming to be the sender is actually the sender before you put on a cryptographic signature confirming that they are. If you only authenticate based on IP, any ISP user can claim to be any other ISP user.
Mike Stone