OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: pop-before-smtp (was Re: FreeInet and checking mail?)
From: Bennett Todd (betrahul.net)
Date: Fri Jun 02 2000 - 09:13:31 CDT

2000-06-02-00:40:05 James:
> Thanks for the replies. I should have mentioned that the user doesn't
> seem to like to use freeinet for his email. But I figured it would be
> more professional if he could use my server instead.
>
> I'll look at DRAC or Bennett's solution.

Of the two, DRAC is the more powerful solution. It's definitely the
one to use if you need to support a server farm, with multiple
distinct machines for pop and/or imap servers and for smtp servers.

My solution is much much simpler, and quite possibly a more
appropriate fit if you have one mail server doing pop/imap and smtp.
Certainly easier to install and configure. I attach the current
version --- the one on the postfix site is a good bit older.

Both DRAC and my pop-before-smtp daemon are blecherous, disgusting
abuses of coincidences in email client implementation, tying
together protocols that have no relation to one and other in a
wholly inappropriate way. The _RIGHT_ way to do this is with one of
the solutions like SMTP AUTH, or the SASL stuff, allowing a client
to directly and specifically authenticate itself to the SMTP server.
Or use something like ssh to tunnel to the server, that works great
too. Or carry the SMTP over SSL authenticated with certificates.
Lots of _nice_ solutions out there. But pop-before-smtp, whether
implemented with my daemon or with DRAC, remains the most
widely-supported solution; if you have to support diverse clients
chosen by your users, you probably have to use one of these hacks.

-Bennett

  • application/pgp-signature attachment: stored