Date: Wed, 29 Jul 1998 17:33:32 -0600 From: Nate Williams <nate@mt.sri.com> To: Sean Eric Fagan <sef@kithrup.com> Cc: committers@FreeBSD.ORG Subject: Re: sendmail 8.9.x Message-ID: <199807292333.RAA00686@mt.sri.com> In-Reply-To: <199807292227.PAA02559@kithrup.com> References: <199807291531.XAA01198@spinner.netplex.com.au> <Pine.BSF.4.00.9807291506420.24795-100000.kithrup.freebsd.cvs-all@resnet.uoregon.edu> <199807292227.PAA02559@kithrup.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> >> > FEATURE(relay_entire_domain) > > As I understand this feature, if this is enabled, the site can still > be put on the RBL for relaying. (Much to nobody's surprise, thieves > often lie about who they are when they are committing their acts of > theft.) Probably, but it's better than the stock setup. > >> I think this should be on by default when we ship: > >> > >> FEATURE(relay_based_on_MX) > > > >Can we do both? Both are perfectly reasonable options that stops the > >grand majority of relay abuse. > > The first does not stop the grand majority of relay abuse. I can speak as an > expert here. > > The second is less so, but still abusable, and will still likely result in > blackholing. Both are abusable. > Why don't we also stop providing security fixes in new releases, and > provide versions of, say, qpopper, that are still susceptible to > widely-known exploits? Poor example. Why don't we provide the system with IPFW enabled by default, thus making them totally secure from network problems? In essence, not allowing most 'networks' to get email. If you don't want a chance to get spammed or be a spammer, disable sendmail completely. But, if we want people to get email at all, then set it up *better* than the current default, but not so secure as to be unusable. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807292333.RAA00686>