On Oct 20, 2006, at 8:14 PM, Rick Romero wrote:
I have an auditor who is telling me that allowing non-SMTP-AUTHd
clients
to use a valid local user in MAIL FROM: is a potential spoof, and a
security vulnerability.
I don't know if it came up in the original thread, but enforcing that
Quoting Tom Collins [EMAIL PROTECTED]:
On Oct 20, 2006, at 8:14 PM, Rick Romero wrote:
I have an auditor who is telling me that allowing non-SMTP-AUTHd
clients
to use a valid local user in MAIL FROM: is a potential spoof, and a
security vulnerability.
I don't know if it came up in the