> I thought the "Disable SMTP AUTH reporting" only disabled the
> feature that responds to requests if a user name is a user on
> the server, disabling results in no-one being able to verify
> a user to use for spam purposes. I didn't think it has
> anything to do with actual authorization or requiring login.
You may be thinking of the "Disable SMTP "VRFY" command". That's the one that
spammers can use to find out what accounts are valid on your server. Actually, they
can just pretend to send mail to users, and they will find out, so the disabling the
VRFY command just makes it a small amount of more work for the spammers.
SMTP AUTH is the one that lets users authenticate against the server. If this is used
with "Relay for Addresses", you will be pretty safe from spammers. "Disable SMTP AUTH
reporting", as Len mentioned, doesn't actually turn off SMTP AUTH (people can still
use it), but IMail won't announce to the mail client that SMTP AUTH is available (so
most clients won't use it).
--
-Scott
Declude: Anti-virus and Anti-spam solutions for IMail. http://www.declude.com
--
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
