[Mailman-Users] Some detail questions about migrating lists
Charles Marcus
CMarcus at Media-Brokers.com
Mon Mar 17 15:51:58 CET 2008
On 3/17/2008, Frank Griffin (ftg at roadrunner.com) wrote:
> They don't seem to want the risk of basic SMTP auth being cracked or
> sniffed, so they just refuse to relay for anything outside their IP
> block, period, no matter what.
<snip>
> Since I don't want to have to reconfigure may laptop every time I leave
> home, I need the relay service.
I'm confused... above you say that they don't allow relaying from
outside their network 'no matter what'... then you say you need their
relay service while outside their IP block...
You appear to be saying that it is when sending from outside their IP
block that they do this relay filtering based on an easily forged 'From:
header.
What I'm saying is that it is *much* easier to spook a 'From:' header
that to sniff/crack an unsecured smtp_auth session. Not that its *hard*
to sniff a plain text smtp_auth session - just that its harder than
spoofing a 'From:' header.
Any ISP that doesn't allow the use of TLS for sending while outside
their networks is not to be trusted, so my original comment stands - I'd
get another ISP if possible.
This has gone way OT for mailman though... sorry...
--
Best regards,
Charles
More information about the Mailman-Users
mailing list