Re: [Nmh-workers] modernizing smtp message submission

[Alexander Zangerl]

On Thu, 03 Jul 2014 21:44:38 -0700, Lyndon Nerenberg writes:
>> I didn't think that 587 requires AUTH;
>
>It does. That's its entire point.  (Read the RFC.)

that's not quite correct.

https://tools.ietf.org/html/rfc6409

4.3.  Require Authentication

   The MSA MUST, by default, issue an error response to the MAIL command
   if the session has not been authenticated using [SMTP-AUTH], unless
   it has already independently established authentication or
   authorization (such as being within a protected subnetwork).

so, accepting mail on 587 from localhost without smtp auth is fine,
localhost being classifiable as 'protected subnetwork'.

sendmail allows that automatically, for example.

regards
az


-- 
Alexander Zangerl + GPG Key 0xB963BD5F (or 0x42BD645D) + http://snafu.priv.at/
I keep six honest serving-men - (They taught me all I knew);
Their names are What and Why and When - And How and Where and Who
 -- Kipling

signature.asc
Description: Digital Signature