Ok I got it, brain fart
----- Original Message -----
From: "madmac" <sysad...@tricubemedia.com>
To: <qmailtoaster-list@qmailtoaster.com>
Sent: Wednesday, April 14, 2010 3:06 PM
Subject: Re: [qmailtoaster] Re: spam
Sorry eric I have just got to ask;
what is TTBOMK
----- Original Message -----
From: "Eric Shubert" <e...@shubes.net>
To: <qmailtoaster-list@qmailtoaster.com>
Sent: Wednesday, April 14, 2010 9:28 AM
Subject: [qmailtoaster] Re: spam
David Milholen wrote:
Eric Shubert wrote:
Jake Vickers wrote:
On 04/09/2010 05:26 PM, Eric Shubert wrote:
Jake Vickers wrote:
On 04/09/2010 11:25 AM, madmac wrote:
Is there then a way to secure squirrelmail, or any other webmail
prog.
This is a default install of qmail with the ISO.
Not having it is not an option, as most of the clients can only use
webmail as they are on the road daily.
Thanks
I use fail2ban to monitor for brute-force attacks. Works on pop3 as
well.
fail2ban is good for brute-force attacks all right, but useless if a
password is sniffed. Best to be sure that no passwords travel the
internet in the clear.
True - I run everything using SSL myself.
I normally do not see too many passwords sniffed. I can provide gigs
worth of logs of brute force attempts. ;)
Yeah, I've only seen pw sniffed once.
Lots of "script kiddies" out there though. I shut off pop3 entirely,
and users use pop3-ssl. Haven't noticed any brute-force attacks on
IMAP, or SMTP for that matter (doesn't mean there haven't been any
though).
I am migrating everything over to ssl slowly but in oder to do a full
move without people noticing the pop up one time I need a fix on my self
signed cert so it doesnt pop up everytime I login.
I am looking into it but just havent had time to figure out what I did
wrong when I did the cert.
--dave
TTBOMK, the only way to avoid having to do anything on the clients is to
pay for a cert from a CA that's recognized by the client by default. The
best I've been able to do short of that is to use cacert.org to sign
certs. Still need to import cacert.org's root cert into each client, but
once that's done then any cert signed by cacert.org will pass.
--
-Eric 'shubes'
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and
installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and
packages.
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and
packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com