(cutting down Cc list)
On Mon, 05 Jun 2006, John Peacock wrote:
The current setup:
- Pine configured to send mail via localhost (MTA)
- MTA on localhost send mail to SMTP server
- SMTP server allow/reject connections based on POP-before-SMTP
- SMTP server performs spam and virus checks
This isn't that unreasonable a setup - because the laptop may not be
The setup is unreasonable, we already agreed that POP-before-SMTP alone is unreasonable and dangerous in dynamic-IP environments.
connected at all times, he wants to have a local MTA on the laptop to deposit mail into while offline. That MTA is configured to relay all mail via his primary MTA, which scans incoming/outgoing mail and delivers it to the appropriate remote MTA. As such, whether he is running postfix or qmail (or Sendmail) *on the laptop*, he wanted to know why POP-before-SMTP broke on his primary server.
This was already answered a few posts ago, with the side note that POP-before-SMTP opens security loopholes.
I understand the intentions and the situation (and, as yet another sidestab, "this can happen with betas"), and the chosen MTA that is incapable of SMTP AUTH is a fact that matters here, since the limitations of the MTA cause such crutches as POP-before-SMTP -- and they are quite besides the track given that the chosen MTA claims security.
It's not that I disagree with you that POP-before-SMTP is suboptimal and should be replaced with AUTH; it's that you are being such an a$$h0le in your anti-qmail fervor, that any wisdom you may be imparting is lost in the vitriol.
There's much less emotion ("fervor") in my calling qmail decrepit than you suspect. It would be unwise to not talk about qmail being the agent that caused the POP-before-SMTP dangers.
And, yet another side note, that POP-before-SMTP may fail after software upgrades, is just another reason to replace it.
-- Matthias Andree