I would Dave.. Remo ----- Original Message ----- From: "DAve" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Thursday, September 22, 2005 10:50 Subject: Re: [vchkpw] chkuser 2.0.8b
> Tom Collins wrote: >> On Sep 22, 2005, at 1:42 AM, John Simpson wrote: >> >>> if you're supporting AUTH, you really should use TLS as well. >>> otherwise you're allowing your users to send their passwords across >>> the internet in plain text- and all it takes is one spammer with a >>> packet sniffer to use your machine as a relay. >> >> >> If you use CRAM-MD5 for the AUTH method, it's impossible to sniff the >> cleartext password. >> >> TLS is a good idea, but getting your users to enable it in their clients >> can be a challenge. It's hard enough explaining how to enable SMTP AUTH! >> >> Here's an idea, how about a Wiki page dedicated to instructions on >> setting SMTP AUTH in various email clients? People could contribute by >> taking screen shots of their setup, preferably with '[EMAIL PROTECTED]' or >> some similar username. >> >> A more ambitious project would be to use PHP and GD with the proper >> fonts to automatically fill in the fields and generate a completely >> custom "how to" page. Any ISP could use it, and make use of hidden >> fields to enable/disable certain features (like 'user port 587 for >> outbound smtp', 'enable TLS', 'use full email address as username', 'use >> smtp.server.com for outbound email', etc.). The end user could enter >> their name, email address and email client and get a one-page printout >> instructing them on how to set everything up. > > If screen shots were provided, any of the PDF generators for PHP could > provide a custom PDF file with ISP branding for downloading on demand. > > Interesting Idea...... We are in the middle of moving our entire > operation, NOC and office. But afterwards maybe, would anyone be > interested in this if I did it? > > DAve > >> >> -- >> Tom Collins - [EMAIL PROTECTED] >> QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ >> You don't need a laptop to troubleshoot high-speed Internet: sniffter.com >> >> >> > >
