On Fri, Sep 5, 2008 at 5:40 AM, Hoort, Brian <[log in to unmask]> wrote: > Doug: > > Thanks for your response. I thought that there was a difference between > requiring authentication and requiring encryption -- that SMTP servers > became spam reflectors because they didn't require authentication, not > that they didn't require encryption. Am I missing something here? > > Brian Hoort SMTP AUTH is typically done via a username/password combination. If this process is not encrypted (typically done via TLS for SMTP) than the username/password combination can be sniffed by third parties. This attack vector is typically regarded as 'bad' which is why many servers required encrypted connections for SMTP AUTH'd messages. > > > -----Original Message----- > From: Doug Nelson [mailto:[log in to unmask]] > Sent: Thursday, September 04, 2008 6:42 PM > To: [log in to unmask] > Subject: Re: [MSUNAG] SMTP server that doesn't require SSL > > On Thu, Sep 04, 2008 at 04:50:14PM -0400, Hoort, Brian wrote: > >> NAGgers: >> >> One of my faculty is setting up some remote sensing equipment that > uses >> cell phones to phone home the data. It does so over e-mail, and so we >> need to configure the box like an email client. We've been struggling >> to send a message for some time now, and reading through the >> documentation, we found a note that this device can do authentication, >> but cannot do SSL. Also, it's hard coded (we can't change it) to use >> port 25. >> >> We called MSU helpline and the student? confirmed that MSU does accept >> SMTP connections on port 25, does require authentication, and, does >> require SSL - giving us a dilemma. >> >> Is there an SMTP server at MSU which we can use that doesn't require > SSL >> encryption? It seems likely that someone has run into this sort of > thing >> before with other old or specialty equipment. > > To the best of my knowledge, there is no centrally-supported mail > service > that fits the bill, and for good reason. That's what we had years ago, > and such mail systems become massive spam reflectors very quickly. Now, > you could run such a mail server yourself, but you would need to pay > extra attention to its firewalling and incoming mail filtering. > > Hope that helps. > > Doug > > > -- > > > Doug Nelson, Network Manager | [log in to unmask] > Academic Technology Services | Ph: (517) 353-2980 > Michigan State University | http://www.msu.edu/~nelson/ >