This seems like a new thread, so I changed the title. inline On Sun, 1 May 2005 Valdis.Kletnieks@vt.edu wrote:
On Sun, 01 May 2005 21:09:50 EDT, Dean Anderson said:
criticisms (made presumably in 1999), were correct. In 2005, SMTP AUTH is basically dead. There hasn't been a new mail client supporting SMTP AUTH in many years. What would be the point?
There's almost no new car companies supporting seat belts too.
_All_ car companies support seat belts, by law. So there are no new ones. But only 16 email clients (counting Netscape, Mozilla, and Firefox separately), support SMTP AUTH. But there are more than 1000 different email client programs. If you go to Microcenter, you can buy several email client programs for windows, but only one (Outlook) supports SMTP AUTH. Your comparison is precious. Its a classic sort of statistical deception, at the extreme. With seat belts, there is mandated 100% compliance. With SMTP AUTH, there is presently approximately 0.16% compliance. Lets round that up: Say 0.2% support. SMTP AUTH got 0.2% of the mail clients. The draft is dated 1998, and it got practically all of those 16 clients in 1999. And then the excitement petered out. People learned that SMTP AUTH didn't stop spam. Technically, the draft's authors knew it wouldn't stop spam, and never actually said it would. But its cheerleaders said it would (like they said POP-before-SMTP would). It was the *promise* that it would stop spam that generated the interest. And when that promise evaporated, so did the interest. But why would anyone deploy SMTP AUTH now? What would be the point of that? What's the cost/benefit analysis? There are only costs, and no benefits with SMTP AUTH. Indeed, I'm sending this from a system using SMTP AUTH. We've been trying to sell it for a couple years. Its our least used server (which why I use it). Basically, as a business proposition, its a bust. Has anyone made any money on SMTP AUTH? I don't think anyone has.
It's hard to get new ones when it's near 100% support. (Who *doesn't* support SMTP AUTH? Are there any major or even minor players that don't? Heck, even the now-venerable 'nmh' descendant of MH will do SASL auth for you....)
Cisco's mail client doesn't do SMTP AUTH. I'd say they are a major player. nmh is old, all right. Unless you want to exclude all but 16 or so mail clients (out of more than 1000), you can't really require SMTP AUTH. Some ISPs (residential) specify the mail client programs (or like AOL, provide custom software). They already have per-user accounts, and can therefore implement SMTP AUTH more easily. But then, *some* ISPs assume all their users run Windows, too. Not everyone is in that boat.
But as long as we're playing: Evolution and Mozilla's mail client are both fairly newcomers, and both do SMTP AUTH....
Err, no. Netscape was one of the original promoters and authors of the SMTP AUTH draft. They were probably the first to support SMTP AUTH in Netscape 4.0. Mozilla has the Netscape mail client. It isn't "new". Evolution isn't actually very new either, although its getting more traction after it was included in some linux distros. (I think it was installed by default in RH9.0 workstation installs) --Dean -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000