At 11:41 21.05.04 +0200, you wrote:
>Hello blist,

>In the OLD days, people were happy with SMTP-Auth.  I consider it LESS
>security as SMTP after POP, because with SMTP-Auth, You sent Your
>e-mailadress and Your password of Your mailbox over the internet.
>When a man-in-the-middle catch this e-mail (or worse Your PW), he can
>use it for spam, or access Your mailbox.

This is only true for SMTP Authentication of type "plain" and "login".

With CRAM-MD5 its quite save.

Read: http://www.fehcom.de/qmail/smtpauth.html#FRAMEWORK


Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24

Reply via email to