Re: [exim] Is that SPAM? Or am I compromised?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Gedalya at <-
MMGedalya at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Is that SPAM? Or am I compromised?
On 13/03/2023 23:43, Gedalya via Exim-users wrote:
> 4. On ports 587, authentication should not be advertised before STARTTLS is issued.

A slight suggested relaxation of that rule: Only authentication methods
which are self-encrypted should be used on a cleartext channel.

That mean the same as your simpler rule for PLAIN and LOGIN, which are
the common ones. But the SCRAM family, for example, would be safe.
--
Cheers,
Jeremy


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Is that SPAM? Or am I compromised?Re: [exim] Is that SPAM? Or am I compromised?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)