[EMAIL PROTECTED] wrote:
We really need to press for smtp-auth to become the standard of the 21st century.
How will that fix anything? This only fixes mail within the confines of a domain but inter-domain mail wouldn't be protected by this at all. http://en.wikipedia.org/wiki/SMTP-AUTH says:
SMTP-AUTH provides an access control mechanism. It can be used to allow legitimate users to relay mail while denying relay service to unauthorized users, such as spammers. It does not guarantee the authenticity of either the SMTP envelope sender or the RFC 2822 "From:" header. For example, spoofing, in which one sender masquerades as someone else, is possible even with SMTP-AUTH. The SMTP-AUTH extension also allows one mail server to indicate to another that the sender has been authenticated when relaying mail. In general this requires the recipient server to trust the sending server, meaning this aspect of SMTP-AUTH is rarely used in the Internet. The recipient of an e-mail message cannot tell whether the sender was authenticated, so use of SMTP-AUTH is only a very partial solution to the problem of spam.
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
