[EMAIL PROTECTED] wrote:|
Ahhh...yes! A flame war...always nice :)
Friday, May 21, 2004, 7:37:15 PM, you wrote:
EH> At 17:21 21.05.04 +0200, you wrote:
Friday, May 21, 2004, 5:14:30 PM, you wrote:
EH> At 11:41 21.05.04 +0200, you wrote:
In the OLD days, people were happy with SMTP-Auth. I consider it LESS
security as SMTP after POP, because with SMTP-Auth, You sent Your
e-mailadress and Your password of Your mailbox over the internet.
When a man-in-the-middle catch this e-mail (or worse Your PW), he can
use it for spam, or access Your mailbox.
EH> This is only true for SMTP Authentication of type "plain" and "login".
EH> With CRAM-MD5 its quite save.
EH> Read: http://www.fehcom.de/qmail/smtpauth.html#FRAMEWORK
Yes, it's 'quite' safe, but You still reveal Your e-mailadress.
If there are many hops between Your workstation and the smtpserver,
You can get some spam in return.
More, Your mail is sent in plaintext. I prefer encrypted streams,
so SUPP's patch which encrypts the stream with SSL, and authenticate
afterwards (in plaintext) is still the best way to go, it's not a big
effort to realize.
EH> Pls. tell us how you intend to communicate to the rest of the world by
EH> means of email with encrypted addresses.
EH> You are joking, troll.
EH> Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
EH> Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24
To be rude and without respect, this was the speciality of Your
ancestors when they pretended to be the most bright race on Earth.
For Your records annoo 1914-18, 1940-1945. Clearly, some can't deny