Re[2]: IMAP with TLS
Hi Vilius, So IMHO in nowadays world where everyone has at least stable 128kbps POP3 is a legacy. I hope, you'll allow me to disagree. :-) I'm subscribed to 54 mailinglists, from 42 of them I save the mails, doing that for many years; lists about historical topics, about mythological topics, etc. I wait until there are 2000 mails in a listfolder, then I export them and start another 2000. They're a great database for me. Therefore I need POP3 to get every message on my local computer where I've lots of diskspace for it. -- Regards, Gunivortus Using The Bat Vs. 3.99.6 under Vista Bussiness 64 bit Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Re[2]: IMAP with TLS
Gunivortus Goos [EMAIL PROTECTED] rašė: Hi Vilius, So IMHO in nowadays world where everyone has at least stable 128kbps POP3 is a legacy. I hope, you'll allow me to disagree. :-) I'm subscribed to 54 mailinglists, from 42 of them I save the mails, doing that for many years; lists about historical topics, about mythological topics, etc. I wait until there are 2000 mails in a listfolder, then I export them and start another 2000. They're a great database for me. Therefore I need POP3 to get every message on my local computer where I've lots of diskspace for it. But you can do this on IMAP too. Just configure email client to automatically archive older messages to local folders. This is why I like IMAP. You can customize your inbox for virtually every possible situation. -- Pagarbiai, Vilius Šumskas LNK TV sistemų administratorius mob.: +370 614 75713 http://www.lnk.lt Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
5/17/2007 8:08 AM Hi Vilius, On 5/17/2007 Vilius Šumskas wrote: VŠ Well, 5 last servers I built have IMAP only. The only difference user VŠ can see is he must delete email twice :). POP3 was invented for VŠ dialup users, where you just want to connect with modem download email VŠ and disconnect. So IMHO in nowadays world where everyone has at least VŠ stable 128kbps POP3 is a legacy. Consider this: I work with people in various places who are in constant life-threatening situations. They _must_ manage their messages locally on an encrypted drive. IMAP is not a reality for them. It is important to remember that valid experiences exist beyond our own experiences. -- Take Care, Paul Voyager v.3.95.06 on Win2k SP4-Rollup1 5.0.2195 No IMAP OTFE Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
RE: Re[2]: IMAP with TLS
5/17/2007 8:08 AM Hi Vilius, On 5/17/2007 Vilius Šumskas wrote: VŠ Well, 5 last servers I built have IMAP only. The only difference user VŠ can see is he must delete email twice :). POP3 was invented for VŠ dialup users, where you just want to connect with modem download email VŠ and disconnect. So IMHO in nowadays world where everyone has at least VŠ stable 128kbps POP3 is a legacy. Consider this: I work with people in various places who are in constant life-threatening situations. They _must_ manage their messages locally on an encrypted drive. IMAP is not a reality for them. It is important to remember that valid experiences exist beyond our own experiences. Why is that? You can store IMAP cache DB on local encrypted drive just like you are storing POP3. From the filesystem perspective point of view they are just ordinary files. -- Vilius Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
Sorry to interrupt your discussion: the Stunnel solution works with the expired certificate problem. -- Vili Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
They just want to send and recieve mail, it's our (admins) job to make it work. And thanks Ritlabs making this job easier! Let me rephrase the discussion here: Ritlabs does a good job following the rules, while other email clients are sloppy/let users follow non-standard protocol (in order to get around sloppy admins), right? -- Vili Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
Hello Gary, Wednesday, May 16, 2007, 21:46:34, you wrote: B and D only allows me to send and receive packets securely. Since I still can into the server by authentication using A and C, what difference does it make? Answer:NONE Confidentiality, integrity and availability as the fundamental security characteristics of information. http://en.wikipedia.org/wiki/CIA_Triad http://en.wikipedia.org/wiki/Information_security#Confidentiality.2C_integrity.2C_availability TLS assures confidentiality and integrity of the information. Confidentiality means that nobody in transit (that has access to the data channel) can read your messages while your are retrieving them via TLS. Integrity in email means that nobody in transit can alter your messages, i.e. modify the contents of the messages, inject false messages, remove legitimate messages, etc. while your are retriving them via TLS. So I do not agree that there is no difference between BD and AC. If you are using TLS with expired or otherwise invalid certificates, this means that there is no actually TLS and confidentiality and integrity is no longer assuered, so the malicious person that has access to data channel can read and/or modify the messages while you are retrieving them. -- Best regards, Maxim Masiutinmailto:[EMAIL PROTECTED] Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
Hello Vilius, Wednesday, May 16, 2007, 22:30:08, you wrote: Yes they are not email clients, and yes they allow you to choose in a difficult way. But I think you can see where it is coming. Sooner or later none of them will allow this. Nice news! -- Best regards, Maxim Masiutinmailto:[EMAIL PROTECTED] Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
Hello Gary, Wednesday, May 16, 2007, 22:43:37, you wrote: It is a problem in that it is a matter of convenience to the user. Where the user can always connect otherwise using a standard connection on 143 (in most cases, depending if the IMAP server is set up that way, or standard POP on 110). I don't understand why don't you connect with regular (non-TLS) IMAP if the TLS IMAP has an invalid certificate? To put it another way, if I can connect to a server via POP or IMAP, after I authenticate, why will it not let me connect securely, when I can connect normally. It should be my choice, since I can connect anyway. Does that not makes sense? If you have an invalid certificate, than you are not connecting securely, even if you are using TLS. Belive or not, with an invalid certificate, no confidentiality or integrity is assured. So just switch to regular (non-TLS) IMAP and be happy! :-)) -- Best regards, Maxim Masiutinmailto:[EMAIL PROTECTED] Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
Hello Gary, Wednesday, May 16, 2007, 0:05:04, you wrote: actual case, 8 years ago, I built an SMTP /IMAP / POP / DNS servers for a business, about 15 people... no big deal... It is set up on 143 and 993... now their own self-issued cert was made for 5 years... it has expired. In this case, I will quickly call the system administrator and she will quickly issue the new cert. As written before, unmanaged servers aren't good. -- Best regards, Maxim Masiutinmailto:[EMAIL PROTECTED] Current beta is 3.99.06 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: IMAP with TLS
hi, Friday, March 17, 2006, 3:57:03 AM, you wrote: System Admin says for it that since other users (who don't use The Bat!) can receive mail with Outlook/Outlook Express, he will not touch the working server and renew the certificate. So, this is _my_ problem how to fetch mail in this case, not his. obviously, your sysadmin doesn't make the difference between security and encryption. try to explain him that certificates DO have to expire, as over time the keys can be cracked thus renderhing HIM into the problem of finding a job. -- regards, vitalie mailto:[EMAIL PROTECTED] Current beta is 3.72.02 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/