Anita:
Thanks for your reply.
On 06/09/2003 15:29 USA PT (-0800), anita@xxxxxxxxx ( Anita Holmgren ),
wrote...
>> >One fallout of the new POP-before-SMTP architecture is that it
>>>imposes the limitation that the users pop log in must be the same as
>>>his email address.
>> Hmmm, what does "users pop log in must be the same as his email
>>address" mean exactly ( examples please, and I'm not sure I'm going to
>>like the answer )?
>
>POP login name: glenn
>Email address: glenn@xxxxxxxxxxxxxxxxxxx -> MATCH!
>
>POP login name: glenn
>Email address: gblists@xxxxxxxxxxxxxxxxxxx -> Not a Match!
Tha above basically ruins POP-Before-SMTP for those of us that host
multiple domains and need some sort of identifier to distinguish between
"jsmith@xxxxxxxxxxx" and "jsmith@xxxxxxxxxxx" ( in our case we use a
prefix to the ID like "dX-smith", not only to give more options for
names/domains, but also to be able to bring up all accounts under a
domain by searching POP/IMAP4 Login for "dX-*" ).
As a side note, can we please have an option to "Show Quota" for the
results of any searchs like above.
>All this means is that for cases where there is no match, you can't
>use the POP0-before-SMTP as a mechanism to gain access to an
>authorized system. You will have to use another mechanism, such as
>SMTP-Auth.
And if SMTP-Auth is not an option ( see below question about APOP )?
I also suppose that the "improved" method restricts someone like me
from logging into one of our accounts, then sending through another
account in the same session where we may not have originally needed to
check/login to the sending account.
>> > To accomodate users that can't live with this
>> >restriction, we implemeted SMTP-Auth, which will be part of the
>>>upcoming release.
>> Is SMTP-Auth compatible w/ the old APOP login ( used by Emailer )? I
>>still have some clients that swear by Emailer ( including myself when in
>>9/Classic ).
>
>My understanding is that SMTP-Auth is different from APOP. None of
>these mechanisms interfere with one another.
So I guess the question would be "does P.O support APOP logins"?
>> Also, can any of these "new" features be implemented on a user-by-user
>>basis?
>
>I think it's even better than that. Users can take advantage of any
>features they want. If a user has a mail client that supports
>SMTP-Auth, then that mechanism will be invoked. The same user,
>another time, using another mail client from a different location,
>could gain access via POP-before-SMTP. Another user could be denied
>by POP-before-SMTP, but could gain access via SMTP-Auth. And a user
>local to the mail server would not need either of these mechanisms.
The above assumes our business methods change and can allow for IDs
that conform to your idea of an ideal POP-Before-SMTP, something we're
reluctant to do, esp. since we've got a large client base to get to
change their ID in their eMail clients ( and the confusion/hassle that
involves ), not to mention the reasons mentioned above.
The POP-Before-SMTP solution seems "not quite baked" to multi-domain
hosting needs, please consider some alternative methods there.
What happened to the IP based check, it was esp. handy for clients
behind subnets on DSL, etc.?
Thanks for your time and help in this matter.
Glenn
---------
Tenon Intersystems' Post.Office Mailing List
To unsubscribe: send mailto:post_office-request@xxxxxxxxxxxxxxx
with the body only containing:
unsubscribe
Find the searchable mailing list archives at:
http://postoffice.computeroil.com/
|
