The risk of someone bothering to parse packets and retrieve your
passwords in order to gain access to user email is, I think, extremely
small unless you have information that people really want to read, in
which case it is easy to do.
In other words, almost anyone can get a password from plain
> The risk of someone bothering to parse packets and retrieve your
passwords in order to gain access to user email is, I think, extremely
small unless you have information that people really want to read, in
which case it is easy to do.
>
> In other words, almost anyone can get a password from
> I would like to protect the email.
>
> Are there other (or better) forms of encryption (or other approaches)
> available in XMail?
There is always PGP and the like..
-darren
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For g
You might consider using stunnel. I think it's available for Windows
(definitely for GNU/Linux).
Adrian Hicks
On Friday 09 September 2005 14:50, Jeff Buehler wrote:
> The risk of someone bothering to parse packets and retrieve your
> passwords in order to gain access to user email is, I thin
Am 9.9.2005 schrieb "Adrian Hicks" <[EMAIL PROTECTED]>:
>You might consider using stunnel. I think it's available for Windows
>(definitely for GNU/Linux).
Yes it is!
Can be found here:
http://www.stunnel.org/download/binaries.html
But using stunnel is preferred using SSL secured IRC connection
As far as I know stunnel can provide a secure tunnel for any TCP port.
I've used it for secure LDAP connections in the past.
Adrian Hicks
On Friday 09 September 2005 17:55, [EMAIL PROTECTED] wrote:
> Am 9.9.2005 schrieb "Adrian Hicks" <[EMAIL PROTECTED]>:
> >You might consider using stunnel.
On 09.09.2005 11:55, [EMAIL PROTECTED] wrote:
> Am 9.9.2005 schrieb "Adrian Hicks" <[EMAIL PROTECTED]>:
>
>
>>You might consider using stunnel. I think it's available for Windows
>>(definitely for GNU/Linux).
>
>
> Yes it is!
> Can be found here:
> http://www.stunnel.org/download/binaries.htm
Am 9.9.2005 schrieb "Sönke Ruempler" <[EMAIL PROTECTED]>:
>works for wrapping every tcp connection :)
I know that. But did u try it out?
There are lots of sites in the wild, where troubles are explained using
Stunnel.
But well, it might work - give it a try Ross.
--
Regards,
Alexander 'xaitax
[EMAIL PROTECTED] <> wrote on Friday, September 09, 2005 12:16
PM:
> Am 9.9.2005 schrieb "Sönke Ruempler" <[EMAIL PROTECTED]>:
>
>> works for wrapping every tcp connection :)
>
> I know that. But did u try it out?
> There are lots of sites in the wild, where troubles are explained
> using Stunn
Am 9.9.2005 schrieb "Sönke Ruempler" <[EMAIL PROTECTED]>:
> Yes i did, even with XMail some time ago.
I never said, it won't work - I only mentioned, that stunnel causes
often problems.
I also wrote, that he could try it out and then he will see if it works -
or won't.
--
Regards,
Alexander 'xa
It would be nice to get SSL working with XMail - if I can get some time
together today, Ross, I will try compiling the SSL patch for XMail 1.21
under FreeBSD 5.4, and see if I can get it working.
Jeff
Alexander Hagenah wrote:
>Am 9.9.2005 schrieb "Sönke Ruempler" <[EMAIL PROTECTED]>:
>
>
>
Alas, I'm on FreeBSD! Is there Linux stunnel?
PGP would protect the mail itself, but is a separate issue from securing
SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT
INFORMATION.
Even if it's unlikely that someone would sniff my users' packets, what's
to stop a spammer
Wow, that would be great! Also, the current openssl is 0.9.7g, what
version should I be using? Do you need any more information from me?
Also, I'm on FreeBSD 5.3, think it will still work?
Someone suggested md5 passwords, but this is client-dependent. I use
Thunderbird on Mac OS 10.4. I have n
Well, that was easy! It compiled and linked without difficulty on my
FreeBSD 5.4 platform. My openssl is version 0.9.7e, however ... try
upgrading to that and see if you have better luck...
Jeff
Ross Gohlke wrote:
>I have tried to install the patch linked from the XMail homepage:
>http://ma
By the way, while it is possible, I think the likelihood of spammers
going to the effort to retrieve packets to use your server for spamming
is extremely low. I have never heard of anyone going to the effort to
sniff packets simply to spam on commercial servers - none of the big
commercial se
On FreeBSD there is a port of stunnel: /usr/ports/security/stunnel
Jeff
Ross Gohlke wrote:
>Alas, I'm on FreeBSD! Is there Linux stunnel?
>
>PGP would protect the mail itself, but is a separate issue from securing
>SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT
>INFORM
> -Message d'origine-
> De : Ross Gohlke [mailto:[EMAIL PROTECTED]
> Envoyé : vendredi 9 septembre 2005 17:45
> À : xmail@xmailserver.org
> Objet : [xmail] Re: XMail + SSL patch
>
>
>
> Alas, I'm on FreeBSD! Is there Linux stunnel?
>
>
Jeff Buehler wrote:
> By the way, while it is possible, I think the likelihood of spammers
going to the effort to retrieve packets to use your server for spamming
is extremely low. I have never heard of anyone going to the effort to
sniff packets simply to spam on commercial servers - none of
You should ALWAYS be able to tell if someone is abusing your system by
doing a somewhat regular log analysis, at least in my opinion.
If I were to implement SSL, I would do this log analysis regularly
anyway. This is the only way I know of that many system attacks can be
discovered - vigilanc
19 matches
Mail list logo