On 1/26/10 7:19 AM, "Ian Eiloart" <[email protected]> wrote:
>> I don't know. But having the From: freely editable might be an option. On >> the other hand we're enabling widespread email forgery. Should we care? > > No. We don't know which email addresses the user is authorised to use. > That's a matter for the admin of the Message Submission Agent to which the > user connects. > > What we *could* do is refuse to support SMTP without authentication. Um...no? Bad. Bad. Bad. Not nice making decisions about server setup for the server administrator. There are cases where you have to let people do stupid shit, because that's the only way they can use the client. I agree in principle, but actually doing this would be a very bad idea. > > We *should* allow the user to not store their password locally, and > possibly allow administrators to distribute versions where that's a > requirement. Allowing for non-local passwords can be a requirement in some situations. -- John C. Welch Writer/Analyst Bynkii.com Mac and other opinions [email protected] _______________________________________________ [email protected] mailing list List help: http://lists.ranchero.com/listinfo.cgi/email-init-ranchero.com
