Comments on: Vodafone illegally intercepting 3G-users’ email? http://blog.stuart.shelton.me/archives/83 Normal service will be resumed shortly... Mon, 23 Jan 2012 20:24:47 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Stuart http://blog.stuart.shelton.me/archives/83/comment-page-1#comment-7654 Stuart Thu, 02 Jul 2009 08:06:43 +0000 http://blog.srcshelton.miltonroad.net/?p=83#comment-7654 So you're advocating security through obscurity - and still transmitting messages in the clear - rather than using industry-standard and proven encryption technology to ensure that you're talking to the server you think you're talking to? Whilst using an alternative port should work for now, if you're not confirming the server's identity then communications could still be intercepted at any point, and using alternative ports does require additional client configuration. The only downside of enabling SSL is that establishing a connection is more computationally expensive, leading to higher load on the mail server. So you’re advocating security through obscurity – and still transmitting messages in the clear – rather than using industry-standard and proven encryption technology to ensure that you’re talking to the server you think you’re talking to?

Whilst using an alternative port should work for now, if you’re not confirming the server’s identity then communications could still be intercepted at any point, and using alternative ports does require additional client configuration.

The only downside of enabling SSL is that establishing a connection is more computationally expensive, leading to higher load on the mail server.

]]> By: Shaun http://blog.stuart.shelton.me/archives/83/comment-page-1#comment-7648 Shaun Wed, 01 Jul 2009 12:22:13 +0000 http://blog.srcshelton.miltonroad.net/?p=83#comment-7648 oh don't even trust encryption, but also know you can use alternative smtp ports if you're smtp server uses that function as ours does... You don't even need to do ssl, if your e-mail server uses an addiotional alternative smtp port like ours does on port 366 then just do the following: server for outgoing mail: smtp.provider.com:366 works like a charm, if you then also use an alternative ssl smtp port then you're pretty well protected. oh don’t even trust encryption, but also know you can use alternative smtp ports if you’re smtp server uses that function as ours does…

You don’t even need to do ssl, if your e-mail server uses an addiotional alternative smtp port like ours does on port 366 then just do the following:

server for outgoing mail: smtp.provider.com:366

works like a charm, if you then also use an alternative ssl smtp port then you’re pretty well protected.

]]>