Am Mi, den 03.11.2004 schrieb Ow Mun Heng um 2:05: > The other concern with this and the method of using MSAs is > * It does not have any milters/filters in place. what's stopping > spam/malware etc from coming in through that path? If you don't explicitly bind the milters to the MTA only, they are used with the MSA too. > * How much do you trust authenticating users? When malware gets > sent (unknown to the orginator) does it send through the users > MUA (eg: if users are using Outlook(R) In which way is that specific for using the MSA? If you have a worm on a Windows[tm] machine being able to use the auth data saved within the mail program, then it does not matter whether you use the MTA or the MSA. As server administrator you can hardly handle such cases. Only if you have a close eye on the logs and you observer suspicious sendings. > I believe that sendmail is right to instruct that the MSA only be used > on internal systems. (and if there's a choice, only for the sending > system and not to accept from other connections on the LAN). I guess it > also depends, how much you trust systems within your LAN or otherwise If you don't open the default MSA - means without authentication enforcement -, then I wouldn't see the problem you see. Alexander -- Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.8-1.521smp Serendipity 02:31:27 up 14 days, 10 users, load average: 0.20, 0.32, 0.28
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
