mew writes:
> ----- Original Message -----
> From: "Sam Varshavchik" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, September 02, 2001 11:15 PM
> Subject: Re: Login checkbox behavior
>
>
>> mew writes:
>>
>> > Hi Sam,
>> >
>> > Thanks for the info on the behavior.
>> > So basically its useless (as far as I can see). If all one has to do is
>> > re-login (no matter what the ip#) I fail to see what benefit it has.
>>
>> Without it, someone with an upstream sniffer would be able to hijack a
> mail
>> login session.
>>
>>
>> --
>> Sam
>>
>
> OK, thanks Sam,
>
> But if - bad guy, had an upstream sniffer they would have captured the
> password and wouldn't need to hijack anything anyway. ;-(
Not if sqwebmail was configured to use SSL for logging in -- the usual
webmail server configuration.
--
Sam
