Ian Eiloart <[email protected]> wrote: > On 18 May 2011, at 22:17, Heiko Schlittermann wrote: [...] >> Port 587: SMTP with our without STLS >> (should be used for mail submmission)
> Hmm, port 587 should really expect STLS, given that it's supposed to > require password negotiation. I know the MSA RFCs permit IP based > trust mechanisms, but they really should be restricted to clients on > a private local network that are not TLS capable. client authentication does not necessarily imply sending clear text passwords, see e.g CRAM-MD5. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
