On 5/14/06 3:45 PM, "Tony Finch" <[EMAIL PROTECTED]> wrote:
> The right thing for the default configuration file is to make it easy to > implement the well-established consensus, which AFAICT for authentication > is TLS+PLAIN (+LOGIN). But if you need to account for TLS+PLAIN (+LOGIN) plus port 25 blocked for one or more customers using Outlook Express, you also have to get into SSL on connect, whether on the now-stolen 465 or some other port. > > I think that once a user understands enough to implement these, SPA should > be simple, and since it's non-standard I'm disinclined to add it to the > default configuration and let people who need it read the spec. I don't disagree with that at all. Indeed, SPA is simple to implement once one reads the spec about it. Do any of you have sharable information of how many cases of Netscape 4 are still found in the general ISP-client population? Although Qwest generally does a good job of enforcing their "RADIUS must supply a suitable port 25 filter rule" for outsourced modems, it would be nice to start requiring authentication except on connections we actually control--but doing that causes Netscape 4 users to be prompted for their password when they first send mail after starting the program. That caused many support calls when we first went to the outsourced modems. --John -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
