RE: [TCLUG:8010] IMAP vs POP3

To: <tclug-list@mn-linux.org>
Subject: RE: [TCLUG:8010] IMAP vs POP3
From: "Eric Hillman" <ehillman@cccu.com>
Date: Mon, 30 Aug 1999 16:04:37 -0500
Importance: Normal
In-Reply-To: <Pine.LNX.4.10.9908301454510.26891-100000@paoli.math.umn.edu>

> They're both rather insecure methods of transfering mail.  IMAP is
> generally regarded as a strict no-no among the extremely paranoid.  The
> ideal method would be to wrap either POP or IMAP with ssh using the magic
> of port forwarding.  It's not all that practical for the average user, but
> it does guarantee encrypted transmission of username/password and e-mail
> (not to mention some pretty decent compression).
>

	Well, if you really want a *secure* means of dealing with e-mail, my
suggestion would be to get yourself a secure webserver and run one of the
many CGI mail clients available.  However, if you're just trying to keep
people from taking over your server and using it as a war3z site, neither
the current IMAP nor POP3 daemon has any known vulnerabilities (unless I've
missed something, which is possible, I guess.)  POP3's the safer bet, if
only because it's been around much longer.  Personally, I only use IMAP
*inside* our firewall, but I don't have any overly rational reason for that
restriction.

References:
- Re: [TCLUG:8010] IMAP vs POP3
  - From: Peter Lukas <peter@math.umn.edu>

Prev by Date: Re: [TCLUG:8016] case sensitive cdrom
Next by Date: RE: [TCLUG:8016] case sensitive cdrom
Prev by thread: Re: [TCLUG:8010] IMAP vs POP3
Next by thread: Re: [TCLUG:8010] IMAP vs POP3
Index(es):
- Date
- Thread