At 2:02 PM -0700 2005-06-30, Mike Leber wrote:
In practice if your remote users don't use the submit port on your servers it gives rise to all kinds of different issues involving you trying to support the outbound filtering AOL is doing on your customers sending from non AOL domains.
That doesn't change the fact that plenty of MUAs do not properly handle alternative ports.
Or you support POP AUTH, which just works, is in widespread use (probably the most widespread of the methods of authenticating the submit port after allowing relaying by IP), and was implemented years ago when open relays were closed.
Unfortunately, plenty of MUAs, even ones old enough to have been around when POP-before-SMTP was the only authentication measure around, still don't support this, or don't support it correctly. Hell, damn few clients do plain-jane POP or SMTP anywhere remotely close to correctly. Expecting them to do anything more advanced than that will be an exercise in frustration. You can't just set a hard and fast rule (like "let them eat cake"), and automatically expect all MUAs to kow-tow overnight. -- Brad Knowles, <brad@stop.mail-abuse.org> "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See <http://www.sage.org/> for more info.