Security Basics mailing list archives
Re: pop before smtp ?
From: ss666 () ss666 ru
Date: 12 Jul 2005 09:53:51 -0000
I've made alot of mailservers, and if you want to improve security really good - use SSL with your own CA as the main authentication subroutine. There are many types of authentification in non-ssl mode, and - frequently speaking - they're all almost the same from a viewpoint of security. And when you'll use it with SSL - it will be mush easier for you, because at client side you don't need to change authentification type via SSL. At server side you'll need to integrate SSL software NOT as just tunneler, but as additional verification tokens provider( i.e. OU, CN, ... ). Add theese tokens to your existing client entities database - and be fine. What SSL software you should use - it's a question of taste... I'm using OpenSSL + modified Stunnel, and it works pretty fine.
Current thread:
- pop before smtp ? Eduardo Kienetz (Jul 11)
- Re: pop before smtp ? security (Jul 12)
- <Possible follow-ups>
- Re: pop before smtp ? ss666 (Jul 12)
- Re: pop before smtp ? ChayoteMu (Jul 13)