[EMAIL PROTECTED] writes: > > [EMAIL PROTECTED] wrote on 01/16/2004 12:30:33 > PM: > > I wonder if this can take off, in the face of so many people who > > have grown accustomed to sending legit mail with a sender address > > that has no relation to the account and domain they are using to > > send the mail. Like my columbia.edu address when I send from my > > home ISP's smtp server. Like my vanity domain address when > > I send from the ISP that provides connectivity to the hotel room > > I am in today. Not that I think this widespread "forging" of > > sender addresses is good. But it is widespread. > > As it's been said elsewhere, it won't take off until some of the biggies > adopt it - AOL, Yahoo, MSN. Then it might catch on. > > As for your vanity domain, you should be in control of the DNS entries and > you would add your ISP's mail server. For your Columbia.edu address, you > would probably need to find a way to deliver that from/through a permitted > sender. That would probably require SMTP after POP authentication, or VPN > into a trusted network.
We provide a POP/IMAP before SMTP capability on our Solaris/Sendmail mail server. It's a hack and if a user tries to send a message after the authentication is deemed to have timed out it fails. A better solution is for the mail server (and of course the client) to support SMTP authentication. Allowing authenticated connections (only) on an alternate port is also a good idea because some service providers force their customers to send mail via their own mail server by blocking outgoing connections to port 25. VPN is overkill in my view. I'd rather use SSL based services for secure remote access. -- John Stewart -- Computing and Communications Services, Carleton University Internet: [EMAIL PROTECTED] 613-520-2600x3707 "measure twice, cut once" _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
