[Info-vax] SFF problem with VSI on Integrity?
Arne Vajhøj
arne at vajhoej.dk
Thu Sep 5 13:30:54 EDT 2024
On 8/14/2024 8:17 AM, Craig A. Berry wrote:
> On 8/13/24 8:25 PM, Richard Jordan wrote:
>> On 8/13/24 6:28 PM, Stephen Hoffman wrote:
>>> On 2024-08-13 14:54:42 +0000, Richard Jordan said:
>>>> Problem identified. There was an incorrect parameter in the
>>>> TCPIP$SMTP.CONF file.
>>>
>>>
>>> That TCPIP$SMTP.CONF file is all too reminiscent of the recent
>>> CrowdStrike mess.
>>>
>>> If that configuration file is missing or empty, OpenVMS SMTP turns
>>> into an open relay, too. No errors.
>>>
>>>
>> Yes. It was unfortunate that drastic SMTP config changes were made in
>> an ECO to 5.7 that were never really followed up on too. Or
>> documented... Hopefully 6.0 will be better.
>
> 6.0 creates the configuration file for you when you enable the SMTP
> service and sets relay to false. I guess that's something. But under
> the help for SET CONFIGURATION SMTP I see no mention of SMTPS,[1] SPF,
> DKIM, or DMARC,[2] all of which are now necessary to send mail with a
> reasonable chance of getting through.
>
> [1] https://www.cloudflare.com/learning/email-security/smtp-port-25-587/
>
> [2] https://www.cloudflare.com/learning/email-security/dmarc-dkim-spf/
VMS has definitely been lacking in this area for years.
But maybe it is not so important any more.
My impression is that email in general is becoming outsourced
as default. Companies outsource all their email. Even many
ISP's outsource all their email.
inbound email - external service
outbound email - external service /
local server forwarding to external service /
specialized bulk email service that expose web service
API and handle all the legal requirements for unsubscribe etc.
Arne
More information about the Info-vax
mailing list