On Tue, Oct 08, 2002 at 04:23:40PM +0800, Holden Hao wrote: > This is for security reasons right? Which is the best approach SSL or > GnuPG encryption? How are the two different? SSL is for secure > connections, right? Are emails sent through SSL secure only after the > MUA sends it to your SMTP? How about when it is passed on server to > server? Are they still being secured by SSL until your intended > reciver recieves it?
The SSL work that I've suggested only encrypts the session between the MUA and MTA. The SSL POP3 prevents passwords from being sniffed en route. We had to do that because for some users on the server you got a shell via SSH with it. You'd do SMTP over SSL to provide strong authentication for use of the SMTP server: preventing spammers and other unauthorized folk from using it as a relay. Might be useful and we're still considering doing that as it would make some stuff a lot easier. Unless every mail relay between you and your destination used SSL, your mails would not be cryptographically secure. The methods I've described only strongly authenticate and encrypt the MUA and MTA sessions, which are also necessary for the server's sake. -- Rafael R. Sevilla <dido at imperium dot ph> +63(2)8123151 Software Developer, Imperium Technology Inc. +63(917)4458925 _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
