On 7/28/12 1:09 AM, Eric Shubert wrote: > A potential problem just occurred to me though. QMT uses the (preferred > default) submission port 587, and includes a qmail-smtpd patch which > forces authentication (export REQUIRE_AUTH=1). While spamdyke wouldn't > typically be used on the submission port (since all connections must > authenticate, the filters are pointless), I would still consider putting > spamdyke in the submission pipe for a) authentication and b) logging > capabilities. Spamdyke would need an smtp-auth-level=required option (or > some such) in order to do this though. I haven't asked for this > enhancement yet, have I? I guess I'm asking now. I have a different setup. I do use the submission port does authorization only and allows relaying. The smtp port does no authorization or relaying (except relaying from ip addresses internal to my LAN). In my setup, spamdyke is only on the smtp port.
In the 25+ years of running a mail server, I've had only two incidents where spammers had gotten the password for a user. They were easily detected by scanning the logs and the accounts shut down quickly. Gary _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
