Yet another "disable outgoing scan" question
Mauricio Tavares
raubvogel at gmail.com
Wed Feb 17 15:58:26 GMT 2010
On Wed, Feb 17, 2010 at 4:17 AM, Jason Ede <J.Ede at birchenallhowden.co.uk> wrote:
>
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
>> bounces at lists.mailscanner.info] On Behalf Of Mauricio Tavares
>> Sent: 16 February 2010 21:31
>> To: MailScanner discussion
>> Subject: Re: Yet another "disable outgoing scan" question
>>
>> On Tue, Feb 16, 2010 at 4:18 PM, Alex Neuman <alex at rtpty.com> wrote:
>> > You should make sure the e-mails that go through your server that say
>> they're from your domain actually *are* from your domain.
>> > This is done at the MTA level.
>> >
>> That I think I am already doing: I told my MTA, postfix, to
>> always do smtp auth. Should that suffice?
>
>
> Depends... How are you doing SMTP auth? If not using TLS or the like then your credentials will be transmitted in plaintext and so are sniffable if you wanted to. If its an internal network then risk is minimal, but if its over internet then have seen outgoing servers credentials compromised in this way...
>
> TLS on postfix is trivial to get working.
>
Yeah, we do that. Though about doing key pairs but that idea
was, well, put on the bottom of the pile.
More information about the MailScanner
mailing list