On Friday, July 8, 2005, 10:10:04, Nadon, Jason wrote: > ... > If we were to use SSL - and "force" it, would that take the non secure > "LOGIN" authentication method away from the server - or would it still > announce that - along with the other methods?
Once you've got a secure channel between your client and your server there's no issue of the password being compromised. > It's funny - I just had the conversation with a member of the team > that I'm working with to try and get IMail to pass through this Qualys > reporting and they didn't seem to care that even though the login / > authentication would be secure that the message content may not be... > > Call me crazy - but that just seems backwards to me. Its really two separate issues, password security and message security. You'll want to keep your password secure to prevent someone else from pretending to be you and sending e-mail using your server. You'll want to keep your message secure when it contains something you wouldn't want a 3rd party to know about. Sending e-mail is like sending a postcard, as it passes from point to point anybody can glance at it and read it. If you want to keep others from understanding the message you'll need to encrypt the message. (Works for e-mail and postcards :-) -- [EMAIL PROTECTED] "The avalanche has already started, it is too Rod Dorman late for the pebbles to vote." Ambassador Kosh To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
