Les Mikesell wrote:
On Tue, 2004-08-10 at 09:12, Dave Williss wrote:
You mean like an employee on the road using a hotel's ISP or at a wireless hotspot connecting back to your mail server to send mail as from your company? _Make_ them use authentication.
Put a price tag on that. If you are selling a product, how many dollars worth of orders are you willing to discard because the potential customer sent a request for information through a public access point instead of their own ISP? Discarding their mail is the only way you can _make_ someone else do things your way. Is it worth it, when what really matters is the individual authentication and/or the message content? I just don't see much value in some untrusted third party's claim of authentication.
I'm feeling like you guys might be talking about different things...
Dave was talking about a road-warrior using his laptop at a hotel, or possibly a web-mail application (which I don't think has been mentioned here and is a very nice solution to those who just want to check/send mail quickly from some remote locale - and has the advantage of originating an email at the company's source mail server which would have it's approriate SPF record).
In the case of the MUA (LookOUT or mozilla) using AUTH/STARTTLS, the company's user would in all essence be originating/relaying emails through the companys SPF'd mail server in a nicely secure and proper fashion.
I do the same thing right now (still working on the webmail part). When I send this email, I'm sending it from my mail server even though I'm using Netscape at work 150miles away. The mail is relay'd via AUTH/STARTTLS. I have an SPF record.
Life is good.
On the other side, what are you referring to?
See yaz,
-Ben
_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
