Bugtraq mailing list archives
Re: Apple OSX and iDisk and Mail.app
From: Eric Hall <bugtraq () darkart com>
Date: Wed, 24 Jul 2002 16:18:23 -0700
On Wed, Jul 24, 2002 at 10:06:27PM -0000, spam_bucket () mac com wrote:
In-Reply-To: <86vg75xg18.fsf () blue stonehenge com> Actually all I did was click on the SSL button and it seems to do everything over SSL now. I'm using 10.1.5 and it "just works" and I cant see the stream anymore. As a side effect it seems to also protect all of the email as well.
I took a look w/ tcpdump, Mail.app IMAP+SSL appears to be fine, nicely
obfuscated. Mail.app authenticated SMTP through smtp.mac.com appears to
try to start TLS, but the connection closes, a new port 25 connection is
opened and AUTH happens in the clear (AUTH=PLAIN) and the message is sent
in the clear.
-eric
Current thread:
- Apple OSX and iDisk and Mail.app Randal L. Schwartz (Jul 24)
- Re: Apple OSX and iDisk and Mail.app Dale Southard (Jul 24)
- Re: Apple OSX and iDisk and Mail.app Daryl Tester (Jul 25)
- Re: Apple OSX and iDisk and Mail.app osx_guru (Jul 24)
- <Possible follow-ups>
- Re: Apple OSX and iDisk and Mail.app spam_bucket (Jul 24)
- Re: Apple OSX and iDisk and Mail.app Eric Hall (Jul 25)
- Re: Apple OSX and iDisk and Mail.app Dale Southard (Jul 24)