Re: [Exim] confused with ETRN

Etusivu
Poista viesti
Vastaa
Lähettäjä: David Woodhouse
Päiväys:  
Vastaanottaja: exim-users
Kopio: Steve Foster
Aihe: Re: [Exim] confused with ETRN
ph10@??? said:
> No. That was what TURN used to do. It was a security exposure. That
> is why ETRN was invented.


TURN was only a security risk before TLS allowed connecting hosts to
properly authenticate themselves.

In fact, even TLS isn't required to make TURN safe -- the case where I've
most wanted TURN support in the past was Demon's mail servers, where my IP
address alone is sufficient to authenticate me -- if an attacker is dialled
into their network and has got my IP address, they'll be getting my Demon
mail _anyway_ -- when Demon eventually decides to send it, that is.

TURN would be quite hard to do properly in Exim though, wouldn't it?

--
dwmw2