1.1 --- a/thesis/tex/4-MasqmailsFuture.tex	Thu Jan 15 22:45:13 2009 +0100
     1.2 +++ b/thesis/tex/4-MasqmailsFuture.tex	Thu Jan 15 22:45:51 2009 +0100
     1.3 @@ -98,11 +98,11 @@
     1.4  Several ways to restrict access are available. The most simple one is restriction by the \NAME{IP} address. No extra complexity is added this way, but the \NAME{IP} addresses have to be static or within known ranges. This approach is often used to allow relaying for local nets. The access check can be done by the \MTA\ or by a guard (e.g.\ \NAME{TCP} \name{Wrappers}) before. The main advantage here is the minimal setup and maintainence work needed. This kind of access restriction is important to be implemented.
     1.5  
     1.6  This authentication based on \NAME{IP} addresses is impossible in situations where hosts with changing \NAME{IP} addresses, that are not part of a known subnet, need access. Then a authentication mechanism based on some \emph{secret} is required. Three common approaches exist:
     1.7 -\begin{itemize}
     1.8 +\begin{enumerate}
     1.9  	\item \SMTP-after-\NAME{POP}: Uses authentication on the \NAME{POP} protocol to permit incoming \SMTP\ connections for a limited time afterwards. The variant \SMTP-after-\NAME{IMAP} exists too.
    1.10  	\item \SMTP\ authentication: An extension to \SMTP. It allows to request authentication before mail is accepted. Here no helper protocols are needed.
    1.11  	\item Certificates: The identity of a user or a host is confirmed by certificates that are signed by trusted authorities. Certificates are closely related to encryption, they do normally satisfy both needs: \NAME{SSL} tunnels encrypt the data transmission and allow to identify the remote user/host by his certificate.
    1.12 -\end{itemize}
    1.13 +\end{enumerate}
    1.14  At least one of the secret-based mechanisms should be supported.
    1.15  
    1.16