Re: If I had a dollar for every Linux box...

From: Barry Wainwright (barry_at_mvps.org.INVALID)
Date: 01/24/05

• Next message: Barry Wainwright: "Re: Major, misterious database disaster"
• Previous message: Barry Wainwright: "Re: Entourage crashes during Import from OE"
• In reply to: Twail.L: "If I had a dollar for every Linux box..."
• Next in thread: Twail.L: "Re: If I had a dollar for every Linux box..."
• Reply: Twail.L: "Re: If I had a dollar for every Linux box..."
• Reply: Twail.L: "Re: If I had a dollar for every Linux box..."
• Messages sorted by: [ date ] [ thread ]

Date: Mon, 24 Jan 2005 09:32:58 +0000

On 24/1/05 6:37 am, in article cq49v0p0nduqaqamgdcgh5uvaivpi2bfl3@4ax.com,
"Twail.L" <twl@twl.tg> wrote:

> If I had a dollar for every Linux box, incorrectly set-up as a mail server,
> that has been in my experience to encounter, I would have made my own
> modest bid for the entire RedHat Company by now. However, the following
> just takes the cake, both soundly and comprehensively, and is testament
> again to the way these MVP people think. Useless...
>
> IN REGARDS TO: "Authenticated SMTP"
> "If your ISP has failed to set up their system properly, it may be that you
> are not "logged in" to their server unless you Receive Mail. If you find
> that you can receive mail, and anything you send immediately afterwards
> does go, while anything you attempt to send half an hour later doesn't,
> your ISP may be one of those."
>
> http://www.entourage.mvps.org/troubleshoot/send_receive/sending_problems.html
>
> *** Note the complete lack of accountability; "If your ISP has failed to
> set up their system properly"
>
> ...It's actually called "POP before SMTP", and, notwithstanding it's
>
> "work-around" type status, it is still accepted as being a viable paradigm
> for "Authenticated SMTP" type sending. FACT.
>
> Other Mail clients known to work with qmail's "Authenticated SMTP"
> feature.; Outlook, Outlook Express, Agent, Eudora, Apple Mail &
> "/usr/bin/mail + shell script".
>
> Entourage2004 - bzzzzt!
>
> The MVP's have to denounce it as being an ISP error because they don't have
> an explanation for Entourage not supporting proper "Authenticated SMTP"
> properly.
>
>

Well, as an MVP I'm sure you won't be surprised if I object to your tone.

However, with regard to 'POP Before SMTP', it is an old system that tried to
prevent mail relaying, but is not what most people would consider as
'authenticated SMTP' nowadays.

The system has fallen in disrepute and has declined in usage due to several
inherent problems with it, and the ready availability of many simpler, more
secure and less vulnerable systems (like 'real' authenticated SMTP).

The main inherent weaknesses in POP Before SMTP are that:
    a) if you are connected to your ISP's mail server through a router
using NAT translation (applies to about 99% of people using broadband and
more than one computer on a home network, and about 99.9% of medium to large
companies) then the POP collection will automatically 'authenticate' all the
users in that subnet - which could be several hundred computers outside of
your control.
    b) If you happen to be using a location with a dynamic IP address (such
as 99.99% of users on dial-up have, and many users on broadband), then
collecting you mail could authenticate that IP address and leave it
authenticated after you have disconnected. The next user to log in (and you
have no control over who this is or where they may be located) to the mail
server could be allocated the same, already authenticated IP address.
    c) Many of the 'black list' organisations will see a POP before SMTP
server as an open relay and will block your mail to their subscribers

There really is no valid reason nowadays to continue using POP before SMTP.
I could make a case for supporting the statement on the web page "If your
ISP has failed to set up their system properlyŠ". After all, doesn't
'properly' include 'securely' and using 'modern, widely supported
protocols'? POP Before SMTP is neither secure, modern or widely supported.

In actual fact, it is a relatively trivial exercise to set up entourage to
be fully compatible with POP Before SMTP using either applescripts or
schedules. Perhaps the web page could be updated to include this wider
information, but the whole site is the virtually un-aided work of one
individual, and is intended to be a non-technical introduction and
assistance to the average user. Someone who understands the intricacies of
POP Before SMTP hardly falls into the target audience for the site. Also,
you approach to post an inflammatory, insulting mail in this public forum is
hardly to be applauded. If you had concerns about the page, wouldn't the
polite way to deal with it have been to mail the webmaster directly and
raise your concerns in a positive way? I know Diane well, she is always
responsive to constructive criticism. To have her (or any MVPs) voluntary
efforts deprecated in the way you have done is spiteful, unnecessary and
counterproductive.

I have also removed the totally unnecessary cross-post to the windows XP
newsgroup. What on earth sort of relevance has this post to that group?

-- 
Barry Wainwright
Microsoft MVP (see http://mvp.support.microsoft.com for details)
Seen the All-New Entourage Help Pages? - Check them out:
        <http://www.entourage.mvps.org/>

• Next message: Barry Wainwright: "Re: Major, misterious database disaster"
• Previous message: Barry Wainwright: "Re: Entourage crashes during Import from OE"
• In reply to: Twail.L: "If I had a dollar for every Linux box..."
• Next in thread: Twail.L: "Re: If I had a dollar for every Linux box..."
• Reply: Twail.L: "Re: If I had a dollar for every Linux box..."
• Reply: Twail.L: "Re: If I had a dollar for every Linux box..."
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint