Re: [exim] What's the best way to secure both SMTPandPOPaut…

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: jtelep
Ημερομηνία:  
Προς: W B Hacker
Υ/ο: exim users
Παλιά Θέματα: Re: [exim] What's the best way to secure both SMTP andPOPauthentication?
Αντικείμενο: Re: [exim] What's the best way to secure both SMTPandPOPauthentication?
> jtelep@??? wrote:
>
> *snip* (TLS)
>
>>
>> Please forgive my ignorance as I have never set this up before but the
>> client that I use (Thunderbird) for sending the mail does complain about
>> the validity of the certificate that my server offers it when I connect
>> to
>
> *SNIP*
>
> T-Bird is similar to Mozilla Mail, so:
>
> - When the grey 'warning' box appears as you try to connect, pay attention
> to
> the click boxes offered.
>
> - What you want (eventually) is to accept the certificate and its
> Certificate
> Authority permanently (or 'to expiry').
>
> The MUA will store what it needs where it needs it.
>
> There are menus to 'manage' certs and CA', so you can discard or replace
> these
> later. IIRC, the stock cert will expire in one year, so you will need to
> create
> a new one at some point, do all this again for each MUA.
>
> HTH,
>
> Bill
>
>
>
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>

Great, this helps so much. Thanks for your help Bill. So just for a
quick recap to be sure that I understand this correctly, once TLS is
enabled it handles all of encryption regarding SMTP traffic including the
authentication. So I can use sasl-plain auth without being concerned that
someone can "sniff" the user_id and password because the connection has
already been encrypted. Let me know if I am off base here at all.

Thanks again!