>I'm not talking about dumb defaults, I'm talking about a sys admin being >able to config his servers properly.
Default in a Win2003 domain is not to allow anonymous binds on LDAP. And I assure you that _is_ a secure config for AD. >It is entirely possible to allow a trusted local server to validate >recipients without having to auth and without creating a security problem. Yeah, this server is in a physically remote site, it could be joined to the domain and I have to look at this option to see if it works, but this has not been deployed yet in this scenario, I am still researching how "to config my servers properly"... ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
