[ale] OT: SMTP/POP3 Password Encryption

Andrew Newton anewton at ecotroph.net
Thu May 22 09:51:55 EDT 2003


hbbs at attbi.com wrote:
> 
> The moral being, as I understand it, use SSL between your e-mail client and your
> MTA to protect the e-mail server authentication and use PGP to protect the
> message content.  Is that pretty much the Right Thing To Do?

PGP or S/MIME.

But from a pragmatic view, the password in the clear problem or 
unencrypted sessions are mostly likely only a real issue on open and 
public networks, such as wifi at a conference or in a coffee shop. 
Chances are that if somebody is snooping traffic off of your ISP's net, 
they already have access to your password (and most likely because they 
work there).  If they are snooping on a back-bone, then they have many 
bigger targets than your email.

Just my $0.02.

-andy

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list