Hello Erwin,

Friday, May 21, 2004, 7:37:15 PM, you wrote:

EH> Hi,

EH> At 17:21 21.05.04 +0200, you wrote:
Hello Erwin,

Friday, May 21, 2004, 5:14:30 PM, you wrote:

EH> Hi,

EH> At 11:41 21.05.04 +0200, you wrote:
Hello blist,

In the OLD days, people were happy with SMTP-Auth.  I consider it LESS
security as SMTP after POP, because with SMTP-Auth, You sent Your
e-mailadress and Your password of Your mailbox over the internet.
When a man-in-the-middle catch this e-mail (or worse Your PW), he can
use it for spam, or access Your mailbox.
EH> This is only true for SMTP Authentication of type "plain" and "login".

EH> With CRAM-MD5 its quite save.

EH> Read: http://www.fehcom.de/qmail/smtpauth.html#FRAMEWORK


Yes, it's 'quite' safe, but You still reveal Your e-mailadress.
If there are many hops between Your workstation and the smtpserver,
You can get some spam in return.

More, Your mail is sent in plaintext.  I prefer encrypted streams,
so SUPP's patch which encrypts the stream with SSL, and authenticate
afterwards (in plaintext) is still the best way to go, it's not a big
effort to realize.

EH> Pls. tell us how you intend to communicate to the rest of the world by
EH> means of email with encrypted addresses.

EH> You are joking, troll.

EH> regards.
EH> --eh.

EH> Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
EH> Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24

To be rude and without respect, this was the speciality of Your
ancestors when they pretended to be the most bright race on Earth.
For Your records annoo 1914-18, 1940-1945.  Clearly, some can't deny
their roots.

Ahhh...yes! A flame war...always nice :)

Reply via email to