Re: sasl spam?

To: debian-isp@lists.debian.org
Subject: Re: sasl spam?
From: Marek Podmaka <marki@marki-online.net>
Date: Mon, 7 Oct 2013 16:55:52 +0200
Message-id: <[🔎] 302597851.20131007165552@marki-online.net>
Reply-to: Marek Podmaka <marki@marki-online.net>
In-reply-to: <[🔎] 20131007141632.GA9639@fantomas.sk>
References: <[🔎] 1055097688.20131007154215@marki-online.net> <[🔎] 20131007141632.GA9639@fantomas.sk>

Hello,

Monday, October 7, 2013, 16:16:32, Matus UHLAR - fantomas wrote:

> do you require or at least provide SSL/TLS encryption for SMTP users?
> While possibility of such malware is quite high (there was already malware
> stealing FTP passwords), it may not be able to sniff on encrypted
> connections

Of course we have smtp/pop3/imap also over ssl/startls, alhough I
don't have stats how many users do use it. Malware can redirect the
SMTP/IMAP connection to itself like many antivirus software does. Or
maybe it sniffs on the local network, but I don't guess it's very
effective in switched networks (hmm or maybe public wifi).

Good idea about requiring SSL/TLS. Is there any overview if there are
clients/mobile devices actively in use which don't support it? For
example will Outlook without SSL/TLS configured use it server will
require it?

BTW the FTP stealing is still a threat, if I remember it steals
passwords from Total Commander. That's why we enable FTP from exotic
countries (geoip) only on request.

-- 
  bYE, Marki

Reply to:

Follow-Ups:
- Re: sasl spam?
  - From: Matus UHLAR - fantomas <uhlar@fantomas.sk>

References:
- sasl spam?
  - From: Marek Podmaka <marki@marki-online.net>
- Re: sasl spam?
  - From: Matus UHLAR - fantomas <uhlar@fantomas.sk>

Prev by Date: Re: sasl spam?
Next by Date: Re: sasl spam?
Previous by thread: Re: sasl spam?
Next by thread: Re: sasl spam?
Index(es):
- Date
- Thread