Re: [Exim] Smtp-auth for localhost?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MAnand Renake at <-
 
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: exim-users
Subject: Re: [Exim] Smtp-auth for localhost?
Anand Renake <anandrenake@???> wrote:
> Hi!
>
> If i am using exim 3/4 or any other MTA, is smtp-auth necessary for
> localhost also?
> Or do people keep smtp-auth for localhost itself too.
>
> If i have relaying disabled does SMTP-auth helps in any way for the
> local machine.

The same thinking applies to localhost as with any other IP or group of
IPs - if you trust anything that is running / might ever run on it to send
mail within your policies, then no need to worry. In the case of localhost,
this would imply that you trust your local security and all your users. And
remember, all auth does is ensure that the person/script sending the mail
knows a userid and a password - it doesn't mean they'll necessarily behave
responsibly.

If you have an unsafe script (eg PHP) on the local box, it will still be
unsafe if you enable auth and hard-code the id/password into the script.

> Are there any performance or speed issues if SMTP-auth is enabled
> i.e. all the clients _should_ authenticate thru various allowed
> smtp-auth mechanisms.

No significant overhead.

Peter



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] Smtp-auth for localhost?[Exim] IPv6 Socket Failed :( EXIM 4.41->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)