On Nov 29, 2009, at 4:30 AM, Patrick Ben Koetter wrote:
What would we have to do, to make port 587 the default port? In
section 4 the RFC says, a MSA MUST do all of the following:
- General Submission Rejection Code
- Ensure All Domains Are Fully-Qualified
- Require Authentication
To cut it short: 1. and 2. are trivial (at least in Postfix and I
don't know the others MTAs well enough to tell for them too). 3. requires to
add SMTP AUTH functionality to Mailman's SMTP client.How should we implement SMTP AUTH in the MM SMTP client?
I propose for a start plaintext (PLAIN, LOGIN) and shared-secret
mechanisms (CRAM-MD5, DIGEST-MD5) should be added to the SMTP client. Those are
the ones used most widely in every day SMTP AUTH.Later implementations could add GSSAPI and EXTERNAL. If plaintext
mechanisms are added we should also consider to add STARTTLS functionality to
MM's SMTP client to shield credentials while they are sent in a plaintext
authentication session.
Should we decide to do this, changing the port number is easy.
There's already a configuration variable for this (currently set of
course to 25).
As for implementing SMTP AUTH, we are limited by what Python's smtplib
supports. From a cursory inspection of the module in Python 2.6, it
looks like it supports PLAIN, LOGIN, and CRAM-MD5. That may mean that
the only thing we need to add to Mailman is plumbing for setting the
user name and password in the config file.
Please open a bug on the Mailman project in Launchpad for this.
-Barry