andreas palsson wrote: > I am most worried about SMTP, in which there seems to be no(?) actual > password-verification.
that i think is one of the best things about SMTP, no passwords to sniff > > Does anyone have encountered a similar situation? > Suggestions on what to do? What to read? install sslwrap and ssl your pop3 daemon and firewall off the pop3 service for all but localhost, force the clients to use a pop3 client with ssl support or be nice and turn on imap with ssl for clients that can't do pop3/ssl. nate -- ::: ICQ: 75132336 http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED]
