On Thu, Nov 01, 2001 at 12:29:07PM -0500, Christopher Curtis wrote:
> Perhaps my understanding here is deficient, but here is the thing: I want
> people running a MUA to be forced to do TLS. This works now because I
> refuse to relay unless they are authenticated, and they can only
> authenticate via TLS. This fails for local->local delivery (I can force
> neither), but is the best I can get at this point. Nobody will be sending
> mail directly from the machine or from its network, and will be sending
> from various random networks from around the world as they travel.
OK. Perhaps my understanding is deficient here, but what's the advantage
of not using the inbuilt authentication mechanisms in TLS, which are rather
stronger, due to relying on signing, then something relying on the crypto
to "transmit a plaintext password securely"?
Surely it's easier to issue the users with personal certificates, and then
verify them at the server (something that is trivial with OpenSSL and exim)
and then decide whether to relay.
Of course there are some problems with this model, I believe I've pointed
them out here before, but I would suggest that the sockaddr that runs
your smarthost is not the same as the sockaddr that is your primary MX.
MBM
--
Matthew Byng-Maddick <mbm@???> http://colondot.net/
