Michael Korolew wrote: > Using programs like Eudora with apop, sftp from openssh, ssh > program like SecureCRT instead of telnet, and using SSL whenever they need > to authenticate themselves browsing, also making sure to change around > their passwords regularly.
There are lots of ways to keep secure without having to resort to webmail. I find webmail about the worst abomination there is; I offered it to dialup clients for some time, and I'll offer it to hosting clients on request. But I'd never force anyone to use it. I know if I was forced to use it I would NOT use that hosting company. And if I was forced to change my email client to use a hosting company, I wouldn't do that either. We use some other basic ways of staying relatively secure: Most people want their company email forwarded to a personal account, and we encourage that <smile>. We use coded accounts for email, with aliases for the email address. In otherwords, [EMAIL PROTECTED] may go to something like abx3dde0. We also use complex passwords, something like AbcDEqd3, that cannot be easily guessed. And we do NOT give email users any other kinds of rights at all. We've also considered running email on a separate server, but using the Cobalt platform that's a bit more complex than it's worth. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net P. O. Box 52672, Riverside, CA 92517 voice: (909) 778-9980 * fax: (702) 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
