Security Basics mailing list archives
Re: pop before smtp ?
From: ChayoteMu <chayotemu () gmail com>
Date: Tue, 12 Jul 2005 20:23:56 -0700
This isn't as much a security viewpoint, but from a tech support standpoint. I worked for a web hosting company that was, by my guess, about 70% personal sites and the rest commercial ones (even though they yelled louder) and we used pop before smtp. One of the biggest e-mail issues we had were people not recieving e-mail before sending it and wanting to know what was going on. Where I work now we use SASL and it makes things a good deal easier because we know that's the issue if they cannot send e-mail, with pop before smtp we had to troubleshoot for a bit before we could determine that. Also keep in mind if you make changes the average customer (at least by what I've seen) won't notice until things break, then they'll be mad at you (well the tech on the line) that it's broken. I've been a phone monkey for a year and have to mention that. I do like the idea of using either one and sending e-mails to the customers letting them know you're switching to one of them in X amount of time, that way if they don't the tech can feel better by telling the customer how many e-mails were sent with explicit directions. :-D On 12 Jul 2005 09:53:51 -0000, ss666 () ss666 ru <ss666 () ss666 ru> wrote:
I've made alot of mailservers, and if you want to improve security really good - use SSL with your own CA as the main authentication subroutine. There are many types of authentification in non-ssl mode, and - frequently speaking - they're all almost the same from a viewpoint of security. And when you'll use it with SSL - it will be mush easier for you, because at client side you don't need to change authentification type via SSL. At server side you'll need to integrate SSL software NOT as just tunneler, but as additional verification tokens provider( i.e. OU, CN, ... ). Add theese tokens to your existing client entities database - and be fine. What SSL software you should use - it's a question of taste... I'm using OpenSSL + modified Stunnel, and it works pretty fine.
-- ChayoteMu "To catch a thief, think like a thief. To catch a master thief, be a master thief."
Current thread:
- pop before smtp ? Eduardo Kienetz (Jul 11)
- Re: pop before smtp ? security (Jul 12)
- <Possible follow-ups>
- Re: pop before smtp ? ss666 (Jul 12)
- Re: pop before smtp ? ChayoteMu (Jul 13)