[Dovecot] vpopmail

Magnus Holmgren holmgren at lysator.liu.se
Sun Jun 4 15:27:56 EEST 2006


On Sunday 04 June 2006 12:34, C J Kenneth Tan -- OptimaNumerics took the 
opportunity to write:
> 1. Would you be able to explain to me how SMTP AUTH prevents virus
>    relay that cannot be accomplished with POP-before-SMTP?

With POP-before-SMTP: You check your mail with POP -> you can then send mail 
for, say, 30 minutes, but so can viruses, from any computer behind the same 
NAT box even.
With SMTP AUTH: Password must be supplied with every mail transmission, which 
means that viruses must steal it from you, which is far from impossible but 
at least presents an obstacle.

> 2. Would you be able to also explain what do you mean by "dangerous"?
>
> 3. Would you be able to also explain what do you mean by "major
>    security risk"?

I guess the answer is the same to these questions.

-- 
Magnus Holmgren        holmgren at lysator.liu.se
                       (No Cc of list mail needed, thanks)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20060604/62e9420e/attachment.pgp


More information about the dovecot mailing list