Around 07:11 PM 11/25/1999 -0600, rumor has it that Edward S. Marshall said:
Show me one ISP/NSP out there who isn't running beta or alpha code
somewhere in their infrastructure. Never ran a x.0 version of IOS? Never
patched a piece of software with an "unsupported" patch to fix an issue
affecting service? Never developed such a patch yourself (or had a staff
member do so)?
Beta/Final doesn't matter so much. It has to work. If it doesn't work, its not going to get deployed until it does work. We are looking into it. But it probably won't happen immediately, until we know it works, and doen't interfere with our services. While John Levine says it works already in exchange, and outlook, I haven't figured out (after only a little bit) how to configure it in Outlook, or Eudora. Or unix mail. So it probably will take some effort to deploy.
Incorrect. It's a customer training issue, and a little development time
on your part. If you can't use SMTP AUTH, don't. Use POP-before-SMTP. Whip
up a custom finger daemon to accept a username/password pair in the same
manner. Create a webpage for your customers to enter a username and
password on to authenticate themselves. Use a VPN. Use magic headers or
subject lines that your MTA catches and uses as identity verification.
Provide a web-based interface for your customer's email. Use UUCP.
This is so foolish, I'm just about tired of explaining. Most of the people who continue asserting the above have been made aware that none of those schemes comply with standards. The SMTP AUTH RFC 2554 is standards track, but not standard. Anyway, as has been said numerous times before, ANY STANDARDS COMPLIANT MTA MUST BE ACCEPTABLE FOR USE BY A CUSTOMER. Pop before SMTP, or special web/vpn web apps don't cover the category of "any standards compliant mta". We know about them. Probably more than you. So please stop blathering about them.
Just because you're too lazy/ill-funded to develop a solution to a problem
YOU'VE created (by CHOOSING to offer that service to your customers),
don't expect us to feel sorry for you.
Relay services have been around longer than spam. Certain antispammers created the problem by advertising our service as free to spammers to incite crimes. The antispammers created this problem on purpose because they are too few, too lazy, too unrealistic, too extreme, too politically inept, and too ill-funded to make spam illegal. So they have to resort to criminal acts [terrorism] to try to get the issue some attention.
Since when did NANOG become a forum for hosting issues? This will be my
only post to this thread on this list; take it to inet-access or
rbl-discuss, if you must.
This has already been discussed on rbl-discuss, where the conclusion was that "soon we'll have a software solution for you." [implying that currently, we have to relay]. It has become an operational issue since legitimate operators are being attacked, and connectivity to the net is being affected.