Some e-mail clients will go kicking and screaming on self-signed certificates, particularly in a virtualhosting environment where the common name needs to be a wildcard (*) for users to access the mail server under their own domains.
I love the paranoia around sniffing that many parties with an invested interest have encouraged. In the end, your data transmits with some encryption on passwords from your PC, through a private network of your ISP who has tens if not hundreds of thousands of clients, then onto MCI/Verizon and other key players in core bandwidth into some datacenter. Nobody of which has any care what your e-mail looks like. Don't get me wrong, I'm all for encryption, but on services like e-mail it seems a bit excessive in favour of a challenge/response authentication.
Besides- these days odds are your PC will be infected and e-mail read on there rather than over the wire where it passes by your ISP aggregated with tons of other traffic at a few hundred Mbit/s. Just my 2c. Both are solutions to the problem, but 587 is more to avoid port 25 blocking by many ISPs as well as to run a SMTP service without ident/hostname lookups to ensure a speedier connection for mail senders, while keeping this on the ports that other mail servers send to.
Jeremy Kitchen <[EMAIL PROTECTED]> wrote:
On Friday 24 March 2006 10:31, Michael Krieger wrote:
> SMTP Authentication seems to be the norm these days, and I'd encourage it.
> Now if only M$ would make it the default or easier than going into
> advanced settings when adding an account (and also the port 587 option).
why use port 587? the 'use secure connection' is right there, and if you're
doing any passing of authentication tokens across the wire, you should be
that's just my two cents.
Jeremy Kitchen ++ [EMAIL PROTECTED]
In the beginning was The Word and The Word was Content-type: text/plain
-- The Word of Bob.