Re: sasl spam?

To: debian-isp@lists.debian.org
Subject: Re: sasl spam?
From: Matus UHLAR - fantomas <uhlar@fantomas.sk>
Date: Mon, 7 Oct 2013 17:30:25 +0200
Message-id: <[🔎] 20131007153025.GA10559@fantomas.sk>
Mail-followup-to: debian-isp@lists.debian.org
In-reply-to: <[🔎] 302597851.20131007165552@marki-online.net>
References: <[🔎] 1055097688.20131007154215@marki-online.net> <[🔎] 20131007141632.GA9639@fantomas.sk> <[🔎] 302597851.20131007165552@marki-online.net>

Monday, October 7, 2013, 16:16:32, Matus UHLAR - fantomas wrote:

do you require or at least provide SSL/TLS encryption for SMTP users?
While possibility of such malware is quite high (there was already malware
stealing FTP passwords), it may not be able to sniff on encrypted
connections


On 07.10.13 16:55, Marek Podmaka wrote:

Of course we have smtp/pop3/imap also over ssl/startls, alhough I
don't have stats how many users do use it.


with e.g. courier MTA you can allowed plaintext authentication only with
encyphered connection.

Malware can redirect the
SMTP/IMAP connection to itself like many antivirus software does.


Using proper certificates could detect the MITM attack.

Or maybe it sniffs on the local network, but I don't guess it's very
effective in switched networks (hmm or maybe public wifi).


that's it...

Good idea about requiring SSL/TLS. Is there any overview if there are
clients/mobile devices actively in use which don't support it? For
example will Outlook without SSL/TLS configured use it server will
require it?


I have no idea if some clients don't support encryption, but I think it
would be worth trying...

BTW the FTP stealing is still a threat, if I remember it steals
passwords from Total Commander. That's why we enable FTP from exotic
countries (geoip) only on request.


I haven't got to the requiring FTPS, since there aren't many clients
supporting that. However, if you provide scp/sftp access, it should be
already possible only to allow encyphered connections.

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"To Boot or not to Boot, that's the question." [WD1270 Caviar]

Reply to:

References:
- sasl spam?
  - From: Marek Podmaka <marki@marki-online.net>
- Re: sasl spam?
  - From: Matus UHLAR - fantomas <uhlar@fantomas.sk>
- Re: sasl spam?
  - From: Marek Podmaka <marki@marki-online.net>

Prev by Date: Re: sasl spam?
Next by Date: Re: sasl spam?
Previous by thread: Re: sasl spam?
Next by thread: Re: sasl spam?
Index(es):
- Date
- Thread