Hello Charles, In a corporate environment, where someone's job depends upon them following the edicts of a boss, you can force a lot of things down users' throats. And you should enforce such rules, for the security of your business.
But, when dealing with things at the small ISP level, with people whose use of your service is entirely optional, and they're willing to give up some security for their convenience, life is different. The closest I can get to your situation is to suggest passwords. I don't have an environment where I can force 100% encrypted access, etc. Heck, it took me a month to convince one customer that he really should at least delete the spam messages from his accounts periodically... POP-before-SMTP is just a lot easier for clients with diverse collections of hardware, operating systems, and client software to deal with. No, it isn't super-secure. But we're not dealing with the need for authenticated source tracking, just keeping the spam from being able to make it through. CM> How hard is it to write up instuctions for the user to switch to a CM> secure auth model for your critical business email systems? CM> Lazy, lazy, lazy... CM> I force my users to use strong passwords - 15 characters, no CM> dictionary words, must contain letters, numbers and special CM> characters (at least 4)... they yelled - for about 5 minutes, then CM> just accepted it. CM> Write up instructions for them on how to save the password in their CM> email client or web browser, so they only have to enter it once. CM> Every quarter they have to change it. Haven't heard one complaint. CM> It's simply a matter of explaining to them why it is necessary - CM> do they want their email to be secure, or not? -- Best regards, Jeff mailto:[EMAIL PROTECTED] _______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
