Doesn't SMTP authenticate in clear text? If so, you would definitely want to encrypt the traffic from user to server.
HTH Jeremy Shelley MCSE, MCT, MCIWA, CIWCI, CCNA, A+, Net+, I-Net+ ------------------------------------------------------------------------ ----------------------------- Technical Trainer New Horizons of <Woo Hah Got You All In Check> ------------------------------------------------------------------------ ----------------------------- -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Saturday, March 09, 2002 9:08 PM To: [EMAIL PROTECTED] Subject: smtp auth doubts Importance: High -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi list, i am setting up a smtp server ( freebsd & qmail or sendmail ) for our organisation which will also be the domain mail server for the internet. we have users who are on both sides of the firewall ( inside the org as well as outside on the internet ) to pervent this server becoming a open relay we are planning to implement smtp auth before sending email. can anyone please who has done this sort of thing before elaborate more on pros and cons also can please send the snippet of actual code ( c, perl or any lang welcome ) that gets executed on client side while the smtp auth (plain) ( just trying to gauge the security impact of this kind of auth ) many thanks in advance, Regards, Aditya -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 Comment: PGP ID: BDE6 89FE 90AE BF0B 9E48 0183 F1DD 813E 6EE0 0231 iQA/AwUBPIY9OPHdgT5u4AIxEQKdbgCeL+Ri/fhYNm+ZCIbXvnfQZAo61AYAn2sc ojYRTWnzAukyslV8yMGWMfAg =qRrK -----END PGP SIGNATURE----- ________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
