On Friday 21 May 2004 10:21 am, [EMAIL PROTECTED] wrote:
> EH> This is only true for SMTP Authentication of type "plain" and "login".
> EH> With CRAM-MD5 its quite save.

> Yes, it's 'quite' safe, but You still reveal Your e-mailadress.
> If there are many hops between Your workstation and the smtpserver,
> You can get some spam in return.

I am truly amazed at that statement.

> More, Your mail is sent in plaintext.  I prefer encrypted streams,
> so SUPP's patch which encrypts the stream with SSL, and authenticate
> afterwards (in plaintext) is still the best way to go, it's not a big
> effort to realize.

but most servers out there don't have TLS support so your email still goes 
across unencrypted.

for instance, I use smtps to talk to my mail server, purely because I have it 
available (I'm not using smtp auth or anything) but I realize that when it 
leaves my server it's not encrypted.

If you want end to end encryption of emails, most MUAs support pgp/gpg/s-mime 
encryption formats.


Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
  [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
        kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail

Reply via email to