Re: [exim] Re: smtp authorization test via telnet?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
Mmeburke at <-
MMarc Haber at ->
Delete this message
Reply to this message
Author: Jakob Hirsch
Date:  
To: meburke
CC: exim-users
Subject: Re: [exim] Re: smtp authorization test via telnet?
meburke@??? wrote:

> Jakob wrote: (in response to POP-before-SMTP)
> the pros and cons on this? Or, alternatively, can you give me a short
> version of your thinking on this?

pop-before-smtp is merely hack, introduced because there smtp had no
authentication facility. But that is long ago, the smtp auth RFC is dated
March 99 and all today's email clients support smtp auth.

Why is pop-before-smtp a hack?
- does not work with some clients (e.g. OE, possible workarounds though)
- misuses a protocol to submit information for another protocol
- ... which can be submitted through the protocol itself
- possible race-conditions (though mostly irrelevant in practice)
- slower and more resource usage
- involves online parsing of logfiles or a hacked pop3d daemon
- needs a database or a special daemon to keep the login information
- therefore generates more points of failure

These are things that come to mind right now, there are possibly many more.




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] sophos puremessage[exim] Remote Domains Not Supported->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)