Bug#410756: exim4 default config utterly useless for 98% of users
Daniel O'Neill
prosolutions at gmx.net
Tue Feb 13 13:33:43 CET 2007
>
> > I do not know enough about CRAM-MD5 and the merits of using or not
> > using it or other auth mechanisms, only that it would of course be
> > preferable to have it used when TLS is not available.
>
> I disagree here. Unless an unencrypted wireless LAN is used, I find it
> much more dangerous to have the SMTP passwort stored on the client as
> clear text.
>
But the fact is that almost all mailers require authentication. This is a
serious problem with Exim and makes it non-functional for the vast majority
of users.
> > I don't have any hard data about how many smarthosts don't support
> > TLS but do support CRAM-MD5 but I think the number is high based on
> > my experience. Again, this is all relative to whether TLS or an
> > encrypted auth mechanism would simply be used if they are detected.
>
> TLS is always used if available, CRAM-MD5 is used when a clear text
> password is available. I am not sure which client authenticator takes
> precedence should both clear text and crypted password be available.
>
> > Re: the "Hide local mail name in outgoing mail" If this is answered
> > "No" it is definitely a problem with gmx.net which will reject the
> > mail.
>
> GMX imposes many additional hardships on their users. I am not going
> to special-case them.
Not really. I've used quite a number of mailers over the years including
sbcglobal, earthlink, lycos, several other ISP's, and even my own mailers.
Always the same basic info is required: mailer name and login credentials.
(Whether the auth mechanism needs to be supplied or not depends on the
client mail software). If you are trying to do complex stuff between
MUA's then it might be tricky, but basically all mail client software
works identical with any mailer once the basic parameters are
configured.
>
> > Why isn't it possible for Exim to know that, if its sending an outgoing
> > message through a smarthost (as opposed to local mail) that it should
> > set the envelope From: accordingly?
>
> Because there are many cases where this is undesireable. For example,
> rewriting the envelope makes it harder to trace back the message to
> the originating system. In other cases, it is important that the
> envelope generated by the original client stays unmangled.
But the user using Thunderbird or kmail or whatever doesn't have this
problem, and they are using the ISP's mailer in the same way. Why does
it become more complex just because Exim happens to be sending the mail?
I agree that in more complex or customized setups this might not be
desirable but I am speaking about the vast majority of end users who
just want mail to *work*.
--
Daniel O'Neill
More information about the Pkg-exim4-maintainers
mailing list