From owner-freebsd-security Fri May 18 8:12:53 2001 Delivered-To: freebsd-security@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id C007637B423 for ; Fri, 18 May 2001 08:12:44 -0700 (PDT) (envelope-from ume@mahoroba.org) Received: from localhost (IDENT:TNn9i6n2dAL6W1nysxyoKezN4TGG02j3rPeYe0V3GNTCJfJMJijfg0QdyWMAI1bV@localhost [::1]) (authenticated as ume with CRAM-MD5) by peace.mahoroba.org (8.11.3/8.11.3/peace) with ESMTP/inet6 id f4IFAF122814; Sat, 19 May 2001 00:10:15 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Sat, 19 May 2001 00:10:15 +0900 (JST) Message-Id: <20010519.001015.48821893.ume@mahoroba.org> To: huacheng@public.guangzhou.gd.cn Cc: freebsd-security@FreeBSD.ORG Subject: Re: AUTH and sendmail From: Hajimu UMEMOTO In-Reply-To: <002c01c0dfa8$c6ae8600$9201a8c0@home.net> References: <002c01c0dfa8$c6ae8600$9201a8c0@home.net> X-Mailer: xcite1.38> Mew version 1.95b119 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-Operating-System: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> On Fri, 18 May 2001 22:42:25 +0800 >>>>> "edwin chan" said: huacheng> I want to know if someone have good idea to resolve the problem ? huacheng> I heared newer sendmail support AUTH function, if user can pass the huacheng> authentication, mailserver can relay the mail they sent from everywhere: huacheng> 1. use AUTH function is a good idea ? I think so. But, your favorite mailer may have no support of SMTP AUTH, yet. huacheng> 2. use AUTH function can give us propriety security ? SMTP AUTH is superior to POP before SMTP. huacheng> 3. if outlook express support it, in what kind of auth ? Outlook Express supports LOGIN only. Since it uses plain password, you may want to use TLS in conjunction with SMTP AUTH. huacheng> 4. does anybody experience it ? We are using it in day-by-day use. But, though we are enabling TLS, we don't enable plain password such as PLAIN and LOGIN. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message