[Exim] SMTP AUTH process

Startseite
Diese Nachricht ist Teil des folgenden Threads:
MDer komplette Thread sortiert nach Datum
M 
Rick Ennis am ->
Nachricht löschen
Nachricht beantworten
Autor: Rick Ennis
Datum:  
To: exim-users
Betreff: [Exim] SMTP AUTH process
I have a quick (and possibly overly simple) question about SMTP AUTH.

You configure the server and client sides to agree on a "secret," which is
basically a password. But whether you do a DB lookup to match it to a
domain or just have a simple one hardcoded in your config.... whether you
send it PLAIN text or hash it with CRAM-MD5... isn't the string that a
given client sends to the server always the same? And if so --and you're
*not* using TLS-- isn't that essentially a static password sent in the
clear? So that's just like using "telnet" in this age of "ssh," right?

Is that not how it works? Maybe I don't understand what's really
happening.
OR, are most people that are setting up SMTP AUTH also using TLS??

I just want to make sure I understand what I'm configuring. Thanks.

--
Rick Ennis
ennis@???




Diese Nachricht wurde auf der folgenden Mailing-List gepostet:
Exim-users
Mailing-List-Info | Nachrichten um die Zeit		<-Re: SV: [Exim] I'm a total newbie to Exim[Exim] relaying problem...open relay with exim, need help->
Tahini and Hummus and Cumin Development Archives administriert von cumin AdminsLurker (Version 2.3)