From owner-freebsd-current Sun Aug 13 9:41:25 2000 Delivered-To: freebsd-current@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id A5C1737B8DA; Sun, 13 Aug 2000 09:41:18 -0700 (PDT) (envelope-from ume@mahoroba.org) Received: from localhost (IDENT:vyQkEcJcjv011TaVXKT7PjzlLu7bx6K29GW2RhwJDmsfcg025nO92/vejFKU743l@localhost [::1]) (authenticated) by peace.mahoroba.org (8.11.0/8.11.0/peace) with ESMTP/inet6 id e7DGeDb44291; Mon, 14 Aug 2000 01:40:13 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Mon, 14 Aug 2000 01:40:09 +0900 (JST) Message-Id: <20000814.014009.55515200.ume@mahoroba.org> To: Kurt@OpenLDAP.org Cc: johan@granlund.nu, gshapiro@FreeBSD.ORG, hetzels@westbend.net, freebsd-current@FreeBSD.ORG Subject: Re: HEADS UP: sendmail updated from 8.9.3 to 8.11.0 in -current From: Hajimu UMEMOTO In-Reply-To: <4.3.2.7.0.20000813091232.00af8800@router.boolean.net> References: <14741.55147.202130.156007@horsey.gshapiro.net> <4.3.2.7.0.20000813091232.00af8800@router.boolean.net> X-Mailer: xcite1.20> Mew version 1.95b38 on Emacs 20.6 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-OS: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> On Sun, 13 Aug 2000 09:20:05 -0700 >>>>> "Kurt D. Zeilenga" said: Kurt> At 01:49 PM 8/13/00 +0200, Johan Granlund wrote: >I think we have to support rfc2554 autenthication (With MECH LOGIN for >Outlook) out of the box if we are serius about mailserver and security. Kurt> If you're serious about security, you shouldn't support LOGIN (or PLAIN) Kurt> unless adequate privacy protections are in place. If you're serious Kurt> about standards, you won't support LOGIN. I think so. Further worse, once PLAIN is activated by sendmail, netscape try to use AUTH, in anyway. If the user isn't registered in SASL db, the user cannot send mail anymore. That is, once you decide to use PLAIN, you must register all of your users in SASL db. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message