On Tue, 25 Jul 2006, [EMAIL PROTECTED] wrote: > SO the mail clients then should choose an option similar to "Use TLS, if > available"
Never use this option. It makes you vulnerable to downgrade attacks which can cause your password to be revealed to an attacker without any visible warning. Only use TLS or SSL in "required" mode with server certificate verification. Tony. -- <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> http://dotat.at/ ${sg{\N${sg{\ N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\ \N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}} -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
