On Sat, Oct 14, 2000 at 08:21:48PM -0400, Maillist wrote:
> I understand its some sort of an authentication protocol. But could someone
> explain how it works or point me to where I can get come answers. Thanks
It's really simple. Generally SMTP is an unauthenticated service. That is, you
do not log in to an SMTP server (although you can).
Consequently if someone wants to use your SMTP server to send mail, how do you
decide whether they can or not? The simple way is to say that only certain IP
addresses can use your SMTP server and since you know the IP addresses of your
own network, then it's easy.
But what if your CEO is wandering around the planet dialing in via an ISP and
wants to use your SMTP server to send mail (because they have outlook/eudora/whatever
configured that way and changing it is a pain for a technophobic CEO)?
You have no way of knowing that that particular connection to your SMTP server is
your CEO do you? But if the CEO first collects their mail via POP - which means
identifying themself and their current IP address with a user and password then you
know
that on that IP address is your CEO.
Sooooo. POP before SMTP is all about saying you know who is on a certain IP address
because they just authenticated via the POP server - accordingly your SMTP server
can allow relay connections from that IP address because it's someone you know and
love.
Of course if they are connected via an ISP, then it's likely that the same IP address
will be given to someone else soon enough. This is way most POP before SMTP
implemtations
only retain the authenticated IP address for a short while - say 5-10 minutes.
Regards.
