In echo to this I have to put my 2 cents in. Yes, once the mail leaves the server on its way to the destination, its all clear text, however, the reason SSL is used on a mail server is more of a security issue with people sniffing and gaining access to the owners mail account.
For example: If I am able to sniff packets between a client and the server and gain the account name and password I could send an e-mail to whom ever I wanted, I'm sure I don’t have to explain the secret services thoughts on sending bad mail to the President (arrest now, question later, we had this happen at an ISP I used to work at). Now if the client was attached via SSL to the server, then I'd have a tough time (it wouldn’t be worth it) trying to figure out the password. There is no such thing as a secure e-mail. The general rule I tell people when asked if their computer is safe from viruses and hacking is "If your computer is connected to the internet, then no" Scott -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bruce Barnes Sent: Friday, January 02, 2004 6:27 PM To: [EMAIL PROTECTED] Subject: RE: [IMail Forum] SSL Questions Not to throw water on this conversation, but SSL certificates installed on any e-mail server situation are really a mute point - they are basically useless. Remember, the SSL certificate is only going to encrypt the data between the originators client and the e-mail host. Once the e-mail is sent to the host to be delivered to the intended recipient, it still goes as CLEAR TEXT, without any encryption when it leaves the server from which it was sent and can be read by anyone who is cleaver enough to capture the date packets that actually transmit the data. While this is rather difficult to do, it is not impossible and is commonly used by hackers to capture data in their attempts to crack networks, steal user accounts, steal passwords and gain access to data that is otherwise not intended for their eyes. Unless your network is on a PRIVATE NETWORK and the e-mail servers that are used for communications within the company are completely isolated and inaccessible from and to the public internet, spending money to purchase any kind of an SSL certificate for e-mail makes no sense whatsoever. The more viable option is to use a public/private key option and send any sensitive material using private key encryption technology. While even this is not completely perfect, it is much more secure than using an SSL certificate to send messages. Bruce Barnes, ChicagoNetTech Inc -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dan Horne Sent: Friday, January 02, 2004 08:43 To: [EMAIL PROTECTED] Subject: RE: [IMail Forum] SSL Questions >> Follow up: >>http://www.freessl.com/chainedssl/chainedssl_wildcard.html A warning about this: When I set up SSL for 7.15, we ran into a problem using chained certs from Comodo. The Imail SSL Configuration Utility would not accept a chained certificate. My understanding was that it could only accept one certificate, and that certificate must be root-trusted. Chained certificates mean you have to install 2 or 3 or more certificates. I worked with Ipswitch and Comodo for months (even made a useless and expensive call to Microsoft) and we never got the chained cert to work. The CA even sent all three certs in one file, but Imail still choked. Finally, I got a refund from Comodo and got a non-chained cert from Geotrust (which, coincidentally, was the root-level cert that Comodo was chained to). That one worked right away because it is root-trusted. I never got a definitive answer from Ipswitch, but in my experience chained certs do not work with Imail's webmail. More info on freessl's chained certs can be found here: http://www.freessl.com/faq.html#8 Dan Horne, CCNA Web Services Administrator TAIS Web Wilcox World Travel & Tours [EMAIL PROTECTED] ---------------------------------------------------- CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.556 / Virus Database: 348 - Release Date: 12/26/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.556 / Virus Database: 348 - Release Date: 12/26/2003 To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
