Re: [exim] Is that SPAM? Or am I compromised?

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Is that SPAM? Or am I compromised?
On 13/03/2023 23:43, Gedalya via Exim-users wrote:
> 4. On ports 587, authentication should not be advertised before STARTTLS is issued.


A slight suggested relaxation of that rule: Only authentication methods
which are self-encrypted should be used on a cleartext channel.

That mean the same as your simpler rule for PLAIN and LOGIN, which are
the common ones. But the SCRAM family, for example, would be safe.
--
Cheers,
Jeremy