Xref: utzoo comp.protocols.tcp-ip:14842 comp.mail.uucp:5865
Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!cs.utexas.edu!yale!hsdndev!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.protocols.tcp-ip,comp.mail.uucp
Subject: Re: Are There Standards For Secure Mail Transfer Via SMTP?
Message-ID: <16381:Feb1015:07:5791@kramden.acf.nyu.edu>
Date: 10 Feb 91 15:07:57 GMT
References: <1991Feb8.110317.3949@unipalm.uucp> <1991Feb8.180500.11290@Solbourne.COM> <1991Feb8.185044.22132@mp.cs.niu.edu>
Organization: IR
Lines: 20

Apologies for the advertisement, but it seems appropriate to point out
that I just posted a public-domain RFC 931 implementation under BSD to
alt.sources, along with patches to sendmail (5.65, 5.61, et al.) that
let you use $F in sendmail.cf for the remote user as per RFC 931. I
recommend that you add ``, auth $F'' to one of the Received: lines,
preferably the second, as a semi-standard format.

Sure, RFC 931 isn't a panacea. But it does turn mail into a secure
protocol, provided that TCP is made secure. Any university sysadmin
knows that 99% of all sendmail forgers don't have any resources other
than a telnet connection. Now we can close that hole for good.

authd 3.01 has been reported to work under SunOS 4.0 on a Sun 2/170,
SunOS 4.0.3 on a Sun 4/280, SunOS 4.1 on Sun 3/80, 3/160, 3/180, 4/60,
and 4/330, Ultrix 4.0 on a DECsystem-5820, Ultrix 4.1 on DECsystem-5820,
DECstation-5400, and VAX 8650, BSD 4.3 on some VAX, and Convex UNIX 8.0
on a Convex C210. It does peek in a few kernel data structures, but it
seems perfectly portable so far.

---Dan