From: Adam Jacob Muller (listsadam.gs)
Date: Wed Feb 27 2008 - 02:58:34 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

NAT.

-Adam

On Feb 27, 2008, at 3:49 AM, Stefan Wollny wrote:

> Adam,
>
> could you please point to where to find more information on why pop-
> before-smtp is highly insecure? Or provide here a little bit of
> background information?
>
> It would be really appreciated.
>
> Thank you!
>
> -STEFAN
>
>
>> -----Urspr|ngliche Nachricht-----
>> Von: "Adam Jacob Muller" <listsadam.gs>
>> Gesendet: 27.02.08 05:57:42
>> An: Juan Miscaro <scry_mryahoo.ca>
>> CC: Cameron Schaus <camschaus.ca>, miscopenbsd.org
>> Betreff: Re: pop-before-smtp and spamd
>
>
>>
>> pop-before-smtp is highly insecure.
>> Use SMTP auth.
>>
>> -Adam
>>
>> On Feb 26, 2008, at 6:33 PM, Juan Miscaro wrote:
>>
>>> --- Cameron Schaus <camschaus.ca> wrote:
>>>
>>>> Juan Miscaro wrote:
>>>>> Are there standard solutions for dealing with the obvious
>>>>> collision
>>>>> between pop-before-smtp and spamd (in greylisting mode)? I know
>>>> many
>>>>> will say to use SMTP AUTH but right now I want to try to get my
>>>> current
>>>>> setup to work. My first idea was to hack the pop-before-smtp Perl
>>>>> script to have the thing (daemon) add connecting/authenticating
>>>> sender
>>>>> IPs to a pf whitelist table. I'm running OpenBSD 4.2 (stable)
>>>>> with
>>>>> Postfix 2.5.
>>>>>
>>>> Why not use port 587 to send mail, instead of port 25, and only
>>>> allow
>>>>
>>>> SMTP Auth from this port.
>>>
>>>
>>> Right now I'm talking about using pop-before-smtp.
>>>
>>> /juan
>>>
>>>
>>> Looking for the perfect gift? Give the gift of Flickr!
>>>
>>> http://www.flickr.com/gift/
>>
>>
>
> --
> Mit freundlichen Gr|_en,
>
> STEFAN WOLLNY
> ---
> Regulatory Reporting Consultancy
> Tel.: +49 (0) 177 655 7875
> Mail: stefanwollny.de

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]