On Fri, Mar 22, 2002 at 08:54:22AM -0800, Lee Howard wrote:
> On 2002.03.22 06:45 Joe Phillips wrote:
> >
> > I wasn't only talking about the broken-ness of email-to-fax systems but
> > also email as a whole. SMTP has little to no authentication built in.
> > It's a store and forward system where the relays basically accept email
> > from just about any other relay, headers can be easily forged, an open
> > relay is easy to configure and exploit.
>
> Curious, do you feel, then, that SMTP AUTH is useless? I think that open
> mail relays (although still out there) have been diminishing in number
> since SMTP servers have been changing their defaults away from that
> configuration. Granted, nothing stops an admin from opening it up because
> "it's easier" to configure that way.

I am not familiar with SMTP AUTH. All I know is in reality I get hundreds of spam emails a day when I disable the RBLs on my server. Even with RBL, I get a bunch of spam every day. This whack-a-mole approach to catching resource abuse tells me that there is a problem. The problem may be in the protocol or its current implementations.

I agree that as the default config tightens, so the spam diminishes. But that only covers poorly configured open relays - open-relay-by-accident. A spammer can still purposely configure an open relay and we have a problem.

> > In designing a HylaFAX least-cost-routing solution, we should be aware
> > of these problems and try to learn from them.
>
> Agreed. Other than the hfaxd communication being in cleartext, do you
> dislike its authentication method otherwise?

From what I've seen, it's functional. It works and no obvious problems stand out to me.

I'm mainly worried about things like the suggestion that we should allow jobs to be relayed from any other server without passwords. That's a problem. We should aim to be secure by default. If the admin wants to shoot his own foot off then that's his problem.

-joe

--
Innovation Software Group, LLC - http://www.innovationsw.com
Custom Internet and Computer Solutions
Linux, UNIX, Java Training

____________________ HylaFAX(tm) Users Mailing List _______________________
To unsub: mail -s unsubscribe hylafax-users-request@hylafax.org < /dev/null