Salut, Marco, On Fri, 17 Oct 2008 15:21:59 +0200, Marco Fretz wrote: > Of course I know what you mean. That's the thing every webhoster have > to fight with. Last year I was on the Secure Linux Admin Conference in > Berlin. There was a workshop how to protect shared hosting > webservers...
I am talking about the recipient side. I don't think it's a safe
assumption that all scripts _your_ _mail_ _users_ will receive mail
from are under your control.
> If I remember correctly the 2nd or 3th step was: prevent the users
> from using SMTP (or any other port) to the internet and only allow the
> destination you choose, your mailrelay servers, http proxy, etc.
That is great, but not everyone does that. In fact the number of
providers which do that is fairly low. I would do so myself, also for
the reason that this prevents people owning a web service to spam
around in a volatile manner, but that's not the point at all.
> crap customer scripts don't look like a reasonable argument against
> greylisting to me. though some webhosting customers might send mails
> with their mailer script to recipients which are not on your mail
> server and this other mail server maybe is also protected with
> greylisting, ergo same problem ergo problem not solved...
For the receiving server, it is.
> do you see what I mean, now? :) or maybe I didn't fully understand the
> issue you had.
No, you don't.
> but agreed it's always hard to decide if you want "secure" systems or
> "happy" users.
That would be true if there was no way around greylisting, but there is.
Tonnerre
signature.asc
Description: PGP signature
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
