gerard at linuxfromscratch.org
Fri Jun 1 13:41:51 PDT 2001
On Fri, Jun 01, 2001 at 10:34:34PM +0200, Kristoffer Ekelund wrote:
> Hi all!
> I'm in the process of setting up in and outgoing email services on my LFS
> machine and I've stumbled upon a question I haven't been able to find the
> answer to yet. Is there any protocols for checking email that doesn't use
> plaintext password. I haven't even been able to figure out if pop3 uses
> plaintext passwords, I think it does but I'm not sure or if there is any
> way to make it use some good form of encrypted passwords...
> Also, are there any email programs (MDA's and MTA's mainly) that anyone
> can recomend on the basis of security? I'm setting up qmail right now,
> since sendmail seems to have to many exploits...
As an MTA I personally recommend postfix
pop3 security can be obtained relatively easy by using ssh port
forwarding. It's a bit more work for the client, but it won't require
any changes to pop3 daemon. you can use ssh port forwarding with
everything basically, not just pop3.
-*- If Linux doesn't have the solution, you have the wrong problem -*-
Unsubscribe: send email to lfs-security-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message
More information about the lfs-security