From owner-freebsd-questions@FreeBSD.ORG Sun Mar 24 08:10:10 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 087C2DD0 for ; Sun, 24 Mar 2013 08:10:10 +0000 (UTC) (envelope-from gobble.wa@gmail.com) Received: from mail-bk0-x232.google.com (mail-bk0-x232.google.com [IPv6:2a00:1450:4008:c01::232]) by mx1.freebsd.org (Postfix) with ESMTP id 9A58623F for ; Sun, 24 Mar 2013 08:10:09 +0000 (UTC) Received: by mail-bk0-f50.google.com with SMTP id jg9so2376864bkc.9 for ; Sun, 24 Mar 2013 01:10:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=yQRR3TivELHeE5j/gZWES4AFgK5FUpuFg8xcWLLAB5A=; b=dSBQD0W/MXkTHjrJBAdLMqvv6JiC0XwipGQHwRz2abOBVQaTGApZJk6xbFYxaLpNxg Nzexc8sY/TpHxAhTK3oVnYFb7PH80PU4mrsO/1LlARb/0a8dUgB5DuFpcojCVqcowbZ9 d+tDb/TmdhWIZRVRbRar4zufLfHWaHHfNwLj6cgGCXutOA0ErVzoW7gkCkljlM2VOMyn c8SUKjKx70IUdLj0ny78SG2sECKwXzqmDRX6pSgysV0iFLZ+IwYHJJCRdwNP4ltd9x0M FVKyIlS4qzo518HSqn5faKocX7iXu5yXrhu6+JvdCyAmsI82b3RlfLVdmG2eiDyOw6vf kz/w== MIME-Version: 1.0 X-Received: by 10.204.188.81 with SMTP id cz17mr3570617bkb.91.1364112608680; Sun, 24 Mar 2013 01:10:08 -0700 (PDT) Received: by 10.204.25.207 with HTTP; Sun, 24 Mar 2013 01:10:08 -0700 (PDT) In-Reply-To: References: Date: Sun, 24 Mar 2013 01:10:08 -0700 Message-ID: Subject: Re: Client Authentication From: Waitman Gobble To: Doug Hardie Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: "freebsd-questions@freebsd.org List" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 08:10:10 -0000 On Sat, Mar 23, 2013 at 9:22 PM, Doug Hardie wrote: > > Basically, my outgoing mail server is being systematically attacked to try > passwords looking for one that works. When they do find one, we get > inundated by spam sent through that account throughout the world. The > situation is such that most of our users are older and their computer is a > hand-me-down so they can talk to their grandchildren. Passwords are a > great inconvenience for them and create numerous problems with remembering > them even when they are simple. Unfortunately, most of them are quite easy > to guess. > > You might consider disabling external smtp auth service and using ssh tunnel to server to connect to mail. Also provide web based convenience service. It might be interesting to encrypt mail to the user's cloud service that operates in a gpg zone. I think this operation could be mostly transparent to the user, so kids and granpamas can use it without concern. -- Waitman Gobble San Jose California USA 510-830-7975