Pablo Baldovi wrote:
Hello,
I have a question for them.
It happens that the configuration that authenticates the user with a good
connection on POP3, when done in an organization, malicious anyonecan after a
successful connection, change the configuration of your mail client and send
mail as another person correct.
Is there any way to fix this in a shared environment? (I hired a shared hosting
plan)
Thank you very much for your comments.
Pablo Baldovi
[email protected]
SMTP auth based on prior successful POP (or IMAP) auth WAS a
'convenience' for admin setup's sake. I never liked it, went to
independent auth (and credentials, FWIW) 'many moons ago'.
YMMV.
But NEITHER is any assurance that, for example, any WinLuser's MUA won't
get compromised - thereby handing-over either/both sets of credentials.
From time to time, they most assuredly WILL do.
You just have to take steps to watch for the signs of that and have a
rapid means of fixing it.
Bill
--
韓家標
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
