Re: exim4 authentication in etch? - SUCCESS!
Andrei Popescu wrote:
On Tue,07.Oct.08, 10:22:18, Thomas H. George wrote:
[snip security concerns]
Should I worry about this?
The SMTP (used by exim) and POP (used by fetchmail) protocols are not
very secure by default, which is probably one of the reasons we now have
such a huge problem with spam. Only recently more and more ISPs are
using the option to tunnel these protocols inside an encrypted
connection (SSL, TLS, whatever).
I'm not familiar with Iceape, but as far as I know, most GUI mail
clients will default to using non-secure connections, unless
specifically configured to use secure connections (but the server has to
support it as well).
Iceape server security settings offer a choice of Never TLS-if available
TLS SSL and an additional check box to require secure authentication. -
This means that anyone on the internet can "listen"
to the traffic between you and the server and snoop your passwords and
the entire mails.
OTOH, you are just another needle in a huge haystack and I doubt anyone
(except maybe the NSA or similar entities) has the means to watch all
Personally I do appreciate when the ISPs are using the security options
available, even if it's just to cut down on the spam.