Adam, could you please point to where to find more information on why pop-before-smtp is highly insecure? Or provide here a little bit of background information?
It would be really appreciated. Thank you! -STEFAN > -----Urspr|ngliche Nachricht----- > Von: "Adam Jacob Muller" <[EMAIL PROTECTED]> > Gesendet: 27.02.08 05:57:42 > An: Juan Miscaro <[EMAIL PROTECTED]> > CC: Cameron Schaus <[EMAIL PROTECTED]>, [email protected] > Betreff: Re: pop-before-smtp and spamd > > pop-before-smtp is highly insecure. > Use SMTP auth. > > -Adam > > On Feb 26, 2008, at 6:33 PM, Juan Miscaro wrote: > > > --- Cameron Schaus <[EMAIL PROTECTED]> wrote: > > > >> Juan Miscaro wrote: > >>> Are there standard solutions for dealing with the obvious collision > >>> between pop-before-smtp and spamd (in greylisting mode)? I know > >> many > >>> will say to use SMTP AUTH but right now I want to try to get my > >> current > >>> setup to work. My first idea was to hack the pop-before-smtp Perl > >>> script to have the thing (daemon) add connecting/authenticating > >> sender > >>> IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable) with > >>> Postfix 2.5. > >>> > >> Why not use port 587 to send mail, instead of port 25, and only allow > >> > >> SMTP Auth from this port. > > > > > > Right now I'm talking about using pop-before-smtp. > > > > /juan > > > > > > Looking for the perfect gift? Give the gift of Flickr! > > > > http://www.flickr.com/gift/ > > -- Mit freundlichen Gr|_en, STEFAN WOLLNY --- Regulatory Reporting Consultancy Tel.: +49 (0) 177 655 7875 Mail: [EMAIL PROTECTED]
