Re: [exim] mail.app and authentication

Author: Tony Finch
Date:  
To: Clive McDowell
CC: exim-users
Subject: Re: [exim] mail.app and authentication
On Fri, 3 Mar 2006, Clive McDowell wrote:
>
> we have a problem with mail.app and also kmail. Our site only advertises
> AUTH for IP addresses outside our domain for the reasons explained in the
> Exim book. For some reason mail.app and kmail will only authenticate
> correctly if AUTH is advertised. This happens over ports 25, 465 and 587.
> Both Thunderbird and Outlook seem to work OK without AUTH being advertised.
> Is this a problem with mail.app and kmail or is there something in Exim we
> can tweak to get this working?


Mail.app and kmail are behaving much more safely than Thunderbird and
Outlook. If the MUA sends email without authenticating when it is
configured to authenticate, then the user is vulnerable to man-in-the-
middle attacks.

It's much better to advertise AUTH to all clients, then clients can use
the same configuration wherever they connect from. This makes them less
vulnerable to attack and should make it easier to handle support queries.
It also puts you in a better position to benefit from future anti-spam
techniques that are based on properly authenticated email.

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
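
The fail-closed client behaviour described in the reply above, as an added example that is not part of the original message or of any MUA's code: a client configured to authenticate stops when the server's EHLO reply carries no AUTH line, rather than submitting unauthenticated. The EHLO replies, host names, function names and decision labels are constructed for illustration.

```python
import re

# Constructed EHLO replies (not captured from a real server).
EHLO_WITH_AUTH = (
    "250-mail.example.org Hello client.example.net [192.0.2.10]\r\n"
    "250-SIZE 52428800\r\n"
    "250-PIPELINING\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 HELP\r\n"
)
EHLO_WITHOUT_AUTH = (
    "250-mail.example.org Hello client.example.net [192.0.2.10]\r\n"
    "250-SIZE 52428800\r\n"
    "250-PIPELINING\r\n"
    "250 HELP\r\n"
)


def advertised_auth_mechanisms(ehlo_reply):
    """Return the set of SASL mechanisms named on AUTH lines of an EHLO reply."""
    mechanisms = set()
    # The first line is the greeting (domain and free text), not a keyword line.
    for line in ehlo_reply.splitlines()[1:]:
        # Accept both "250-AUTH PLAIN" and the legacy "250-AUTH=PLAIN" form.
        match = re.match(r"250[- ]AUTH[ =](.*)$", line, re.IGNORECASE)
        if match:
            mechanisms.update(tok.upper() for tok in match.group(1).split())
    return mechanisms


def submission_decision(ehlo_reply, auth_configured):
    """Decide the next step after EHLO (hypothetical labels for this example)."""
    if not auth_configured:
        return "send-unauthenticated"
    if advertised_auth_mechanisms(ehlo_reply):
        return "authenticate"
    # Configured to authenticate but AUTH is absent: whether the server withheld
    # it or something on the path removed it, do not fall back silently.
    return "abort"


if __name__ == "__main__":
    for name, reply in (("with AUTH", EHLO_WITH_AUTH),
                        ("without AUTH", EHLO_WITHOUT_AUTH)):
        print(name, "->", submission_decision(reply, auth_configured=True))
```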