From owner-freebsd-security  Fri May 18  8:12:53 2001
Delivered-To: freebsd-security@freebsd.org
Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34])
	by hub.freebsd.org (Postfix) with ESMTP id C007637B423
	for <freebsd-security@FreeBSD.ORG>; Fri, 18 May 2001 08:12:44 -0700 (PDT)
	(envelope-from ume@mahoroba.org)
Received: from localhost (IDENT:TNn9i6n2dAL6W1nysxyoKezN4TGG02j3rPeYe0V3GNTCJfJMJijfg0QdyWMAI1bV@localhost [::1])
	(authenticated as ume with CRAM-MD5)
	by peace.mahoroba.org (8.11.3/8.11.3/peace) with ESMTP/inet6 id f4IFAF122814;
	Sat, 19 May 2001 00:10:15 +0900 (JST)
	(envelope-from ume@mahoroba.org)
Date: Sat, 19 May 2001 00:10:15 +0900 (JST)
Message-Id: <20010519.001015.48821893.ume@mahoroba.org>
To: huacheng@public.guangzhou.gd.cn
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: AUTH and sendmail
From: Hajimu UMEMOTO <ume@mahoroba.org>
In-Reply-To: <002c01c0dfa8$c6ae8600$9201a8c0@home.net>
References: <002c01c0dfa8$c6ae8600$9201a8c0@home.net>
X-Mailer: xcite1.38> Mew version 1.95b119 on Emacs 20.7 / Mule 4.0
 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?=
X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc
X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91  05 D0 B3 EF 36 9B 6A BC
X-URL: http://www.imasy.org/~ume/
X-Operating-System: FreeBSD 5.0-CURRENT
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

>>>>> On Fri, 18 May 2001 22:42:25 +0800
>>>>> "edwin chan" <huacheng@public.guangzhou.gd.cn> said:

huacheng> I want to know if someone have good idea to resolve the problem ?

huacheng> I heared newer sendmail support AUTH function, if user can pass the
huacheng> authentication, mailserver can relay the mail they sent from everywhere:
huacheng> 1. use AUTH function is a good idea ?

I think so.  But, your favorite mailer may have no support of SMTP
AUTH, yet.

huacheng> 2. use AUTH function can give us propriety security ?

SMTP AUTH is superior to POP before SMTP.

huacheng> 3. if outlook express support it, in what kind of auth ?

Outlook Express supports LOGIN only.  Since it uses plain password,
you may want to use TLS in conjunction with SMTP AUTH.

huacheng> 4. does anybody experience it ?

We are using it in day-by-day use.  But, though we are enabling TLS,
we don't enable plain password such as PLAIN and LOGIN.

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message