On Mon, 1 Feb 1999 [EMAIL PROTECTED] wrote:
> There may be. I'd not use SSH myself since it isn't free for commercial use.
> I'd have to buy the server copy of SSH to be able to offer it as a service
> that you pay for.
True - I'd forgotten that aspect of it.
> OTOH, there is vppp which is a tunnel that does PPP over TCP with some lite
> authentication. That may be adequate where SSH is probably overkill.
Depends on what you want. What's the authentication for vppp? If it's
just passwords in the clear, I'd rather not use it. I've got sshd set
up already - I've turned off anything that connect to my machine with
clear-text passwords, as we have password sniffing. Given that I've
got sshd installed, and no ppp set up at all, guess which is easer for
me. If the cost for sshd commercial use was sufficiently high, there
are freeware ssh clients for windows. It might be possible to work
that into a freeware ssh server as well.
If you're worried about privacy, using ssh means your email is
encrypted through to my server.
> And don't forget that while many people are shutting out spammers from dialup
> ports at the server end, some (including we) are blocking SMTP on the dialup
> itself (except to local servers). We've had several cases of hit-and-run
> spammers in the past, but none since that filtering was put in place.
Not a problem. The connection you'd see is identical to an ssh login
connection; there's no way for you (as an ISP) to tell whether the
client is tunneling X, NNTP, STMP, or whatever through it.
Which brings something to mind - there's been some talk of replacing
SMTP with something that includes authentication. I hope that anyone
doing this looks into encrypting the email end-to-end at the protocol
level. It might be that the existing UMA/UMA encryption technologies
are cleaner than anything you can do at the protocol level, but it
bears looking into.
<mike
