On Sun, 27 May 2001, Derek Balling wrote:
Well, you MUST (RFC2505, 2.1) prevent unauthorized use of your mail server as a mail relay.
So if your question is "since my local users don't have to authenticate themselves against my mail server, is there a rule that says I can't offer unauthenticated SMTP service to roaming users", I guess the answer is "yes, there IS actually a rule forbidding that."
Cheers, D
Derek, there is a subtle difference between the words you SHOULD and you MUST. The RFC you quoted is a "Best Current Practices" document. You know, like "The Surgeon General had determined that [insert your favorite vice here] is bad for your health". i.e, he can't order you MUST stop smoking, maybe you SHOULD consider it because yadayada. Now let's go back to 1997 and see how this baby was born. In Sep 1997, on this very list, Paul Vixie was known to have laid the seed: `Could somebody who hasn't been burned to a crisp by IETF politics please write a "Mail Relay Requirements" RFC that we can brandish at these vendors? (Dave Crocker seems like a logical choice for this given his past credits.)' Full text of the message at http://www.dotcomeon.com/relay_default.html
From this grew a business that puts food on the table for several members of this list. And now the paid enforcers and their groupies are brandishing it at legitimate network operators. There is a lot of money in the jackpot now, in case you haven't noticed, and dissent will not be tollerated.
If people would have paid attention then to the implications, this monster would have been nipped in the bud. Instead, their camel is now in your tent. And it's not even Uncle Sam's beast... So what was that Conan saying again? ;) --Mitch NetSide
At 9:18 PM -0400 5/27/01, Mitch Halmu wrote:
On Sun, 27 May 2001, Dan Hollis wrote:
On Sun, 27 May 2001, Roeland Meyer wrote:
You must not have a roaming staff or are willing to keep telcos wealthy.
roaming staff either use webmail or pop-before-smtp.
-Dan
Is there a rule that, except for local dial-in, we cannot offer the same services to a client located in a part of the world that we dont't have a dial-in POP as we offer to our local clients? Why shouldn't such clients be able to get their dial-in somewhere and the rest of their services from somewhere else? That includes using a remote SMTP server in the same way a local user can, period.
--Mitch NetSide
-- +---------------------+-----------------------------------------+ | dredd@megacity.org | "Conan! What is best in life?" | | Derek J. Balling | "To crush your enemies, see them | | | driven before you, and to hear the | | | lamentation of their women!" | +---------------------+-----------------------------------------+