Author: James P. Roberts Date: To: Matt Bernstein CC: exim-users Subject: Re: [Exim] AOL blocks SSL/TLS?
<snip>
I do hope you're insisting on AUTH on localhost:25, otherwise
congratulations you're an open relay on port 465 ;)
I have a similar setup to you, but I forward to port 587 which requires
AUTH. (See one of my posts from about two-three weeks ago--search for
"thanks stunnel".)
Matt: Yes, I require AUTH for all connections. Thanks. - Jim
<long pause>
Arrrrrgh!!! I have to admit it, I double-checked, after getting your
message, and sure enough, localhost was exempted from AUTH requirement.
I was an open relay on port 465 for almost a whole day. Fortunately, my
logs indicate no damage was done. I have modified my ACLs to correct
this (I hope). Thank you very much for encouraging me to really study
my ACLs!