-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> > Basically, it's just telling a server "hey, if you've got
> > any mail for host X, you should try sending it now".
>
> Yes, and it will send it over the already running SMTP session
> in which the ETRN command was issued.
No it won't. It starts a new SMTP session, originated by the server.
The SMTP session is basically one way traffic. You open it, you
stuff all your mails and commands and the other side just sighs
"250 ok" or "550 bugger off". If you want mails coming to you, you
tell the other side to open a new connection.
> So what keeps me away
> from telnet'ing to some SMTP server that I know does ETRN for
> domain foo.bar.com and shoot a 'ETRN foo.bar.com' at it and
> it will happily send me all of foo.bar.com's mails?
... only the fact that it wouldn't work.
> This is true, but it only works iff your dialup clients have static IP
> addresses.
No; with a moderate amount of hacking (aren't there scripts on
www.qmail.org) you can kick SMTP after verifying some shared
secret - like POP3 password. You can kick maildir2smtp from any
network-listening program basically... The amount of security is in
your hands, as usually happens in Un*x world.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBN6XZWlMwP8g7qbw/EQJHHACgtVgeO89+YqYAlA7XhS0WZlALyxAAoNOi
TBO8MTWBUowriNLnYEdw+N/y
=GmGc
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
