on Tue, Dec 09, 2003 at 03:05:04AM -0500, Kevin Mark (kmark+debian-user@pipeline.com) wrote:
> On Mon, Dec 08, 2003 at 04:44:18AM -0800, Karsten M. Self wrote:
> > on Mon, Dec 08, 2003 at 05:40:16AM -0500, Kevin Mark (kmark+debian-user@pipeline.com) wrote:
> > > On Sun, Dec 07, 2003 at 11:55:57PM -0800, Karsten M. Self wrote:
> > > > on Thu, Dec 04, 2003 at 10:56:59PM -0800, Ross Boylan (RossBoylan@stanfordalumni.org) wrote:
> > > > Perhaps their recently introduced virus filtering service:
> > > >
> > > > http://www.earthlink.net/myaccount/help/virusblocker/
> >
> >
> > > Hi KMS,
> > > Funny, I am a subscriber to this ISP and I didn't notice any email
> > > announcements (but then I ususally just delete the isp mail site unseen).
> > > I'm sure
> > > this recent additions was because I (and i'm sure others) were really
> > > pissed at them during the swen 'flash flood' and sent quite a few
> > > emails. I guess this is as 'responsive' as they get. Now if they only
> > > get of their duff and get encrypted pop or the like!!! This would
> > > decrease my spam further!
> >
> > Protocol APOP is supported. Not that this is mentioned anywhere that
> > I'm aware. I just learned of this a few weeks ago.
> >
> > I'm not sure how encrypted POP would help you with regard to spam
> > though....
> >
> HI,
> IIRC, APOP only encrypts the login and the email message is sent in
> the clear. with ssl or the like, my mail would not be sent in the
> clear and thus could not be read and or harvested for email addresses
> or other info.
Your email transiting between you and your ISP _frequently_ (but not
always) crosses only their internal network. Odds of it being harvested
are low.
The mail has _already_ transited between the remote sender (if not you
or another user on your ISP) and your ISP's mailserver. Almost always
in the clear.
Still, odds of your address being harvested in this manner are low,
though it's technically possible. For someone with physical or
technical access to the direct link itself. Pretty much anyone with
sufficient access to do this can get your address by other means,
though.
Far more likely, though, that your friend's been compromised by a virus
which is harvesting your address from his/her addressbook.
Encrypting your authentication tokens in APOP is useful.
Encrypting the mail in transit would be nice for a number of reasons,
but I don't see it having a significant impact on spam.
I'd recommend you focus your attention on realistic and controllable
risks.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
In his dream he was walking late at night along the East Side,
beside the river which had become so extravagantly polluted that new
lifeforms were now emerging from it spontaneously, demanding welfare
and voting rights.
-- HHGTG
Attachment:
pgpWtOG1F5a28.pgp
Description: PGP signature