[ale] OT: SMTP/POP3 Password Encryption
hbbs at attbi.com
hbbs at attbi.com
Thu May 22 08:56:21 EDT 2003
Heh, *I* am not the one who needs the introduction!
I think that for the vast majority of ISP mail situations, the e-mail traffic
(to include un/pw pairs) run to and from the mail server in the clear and the
security - such as it is - comes from not having that traffic run anywhere and
everywhere. The flaw in this, of course, is that there's a wide-open
vulnerability everywhere that it *does* run.
The moral being, as I understand it, use SSL between your e-mail client and your
MTA to protect the e-mail server authentication and use PGP to protect the
message content. Is that pretty much the Right Thing To Do?
- Jeff
> Transam wrote:
>
> > Neither SMTP nor POP3 (nor IMAP for that matter) are encrypted. Both
> > the password (POP3 & IMAP) and all text is sent in the clear. May I
> > introduce you to the world of encrypting your email before transmission?
>
> Does anyone know if there is way to set up encrypted passwords for any
> mail access? I guess you'd have to work with your isp to do some kind
> of ssh tunnel or something???
>
> It seems I find that many a Linux newcomer will set their pop3 and root
> passwords to the same thing, for convenience... :(
>
>
> --
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list