Re: [exim] POP3 authentication

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: 韓家標 Bill Hacker
Fecha:  
A: exim users
Asunto: Re: [exim] POP3 authentication
Pablo Baldovi wrote:
> Hello,
> I have a question for them.
> It happens that the configuration that authenticates the user with a good connection on POP3, when done in an organization, malicious anyonecan after a successful connection, change the configuration of your mail client and send mail as another person correct.
> Is there any way to fix this in a shared environment? (I hired a shared hosting plan)
>
> Thank you very much for your comments.
>
>
> Pablo Baldovi
> pbaldovi@???
>
>
>


SMTP auth based on prior successful POP (or IMAP) auth WAS a
'convenience' for admin setup's sake. I never liked it, went to
independent auth (and credentials, FWIW) 'many moons ago'.

YMMV.

But NEITHER is any assurance that, for example, any WinLuser's MUA won't
get compromised - thereby handing-over either/both sets of credentials.

From time to time, they most assuredly WILL do.

You just have to take steps to watch for the signs of that and have a
rapid means of fixing it.

Bill
--
韓家標