On Friday 21 May 2004 10:21 am, [EMAIL PROTECTED] wrote: > EH> This is only true for SMTP Authentication of type "plain" and "login". > EH> With CRAM-MD5 its quite save.
> Yes, it's 'quite' safe, but You still reveal Your e-mailadress. > If there are many hops between Your workstation and the smtpserver, > You can get some spam in return. I am truly amazed at that statement. > More, Your mail is sent in plaintext. I prefer encrypted streams, > so SUPP's patch which encrypts the stream with SSL, and authenticate > afterwards (in plaintext) is still the best way to go, it's not a big > effort to realize. but most servers out there don't have TLS support so your email still goes across unencrypted. for instance, I use smtps to talk to my mail server, purely because I have it available (I'm not using smtp auth or anything) but I realize that when it leaves my server it's not encrypted. If you want end to end encryption of emails, most MUAs support pgp/gpg/s-mime encryption formats. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail