[sclug] All this Debian chat...
Matt
matt at bodgit-n-scarper.com
Thu Feb 5 10:54:10 UTC 2004
* David Given <dg at cowlark.com> [2004-02-05 10:30:25]:
>
> Incidentally, regarding only allowing IMAP access via SSL...
>
> IMO there's not really any point encrypting the data stream. After all, the
> messages have all arrived on your machine via SMTP in plain text: anyone
> snooping your machine will have already seen them.
SMTP with STARTTLS?
Sure, mail originating from outside will almost definetly have passed
somewhere in the clear, but more in a corporate environment where
everyone communicates over e-mail, (read: sends Excel/Word documents
back & forth, bane of my life), it never really leaves the network, and
if they're working remotely, these documents shouldn't really be passed
in the clear. I make a point of making sure the MUA's are set up
correctly to do this, although certain ones make this very very
difficult.
> Secure authentication, sure; CRAM-MD5 or some other mechanism. But if
> you're on a slow machine --- my mail server is a P133 --- then not
> using SSL will give you a noticable speed bonus.
If you can't run CRAM-MD5 then wrapping the plain authentication with
SSL is acceptable, and if you can warrant the need for SSL, you'll run
it on suitable hardware.
Matt
--
"Never rub another man's rhubarb."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.tmdg.co.uk/pipermail/sclug/attachments/20040205/fd0826a5/attachment.bin
More information about the Sclug
mailing list