Re: [9fans] upas/smtpd password authentication

9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed

From: erik quanstrom <quanstro@quanstro.net>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] upas/smtpd password authentication
Date: Sun, 16 Dec 2007 18:16:06 -0500	[thread overview]
Message-ID: <1a579fc66314c00596b0b6f99acf5fc8@quanstro.net> (raw)
In-Reply-To: <20071216180213.32FA61E8C5C@holo.morphisms.net>

> > even over tls, it seems inconvinent to use two different passwords
> > (really the password and secret) for sending and downloading email.
> 
> it's certainly a bug if imap or smtpd or anything else expects
> a password that is not the inferno/pop secret.
> 
> however, sending that password in plain text is no more
> secure than sending the plan 9 password in plain text.
> either way you should be using tls and not accept *any*
> passwords sent over an unencrypted connection.

i agree ... in general.  but the problem we're trying to solve is
to stop spam relay and to make a reasonable effort to insure
it's difficult to mess with someone's mail via imap.
(email is not secret anyway, since it is almost always sent
offsite and often archived in unexpected places.)

tls seems like something extra to break.  i have several
dozen mac/windows users that need detailed instructions
for every change.

i'm not a security expert.  what case that i can't currently see
would tls solve for me that's worth the extra configuration.
what am i missing?

- erik

next prev parent reply	other threads:[~2007-12-16 23:16 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-12-15  0:09 erik quanstrom
2007-12-15  0:16 ` Steve Simon
2007-12-15  0:26   ` erik quanstrom
2007-12-16 18:02     ` Russ Cox
2007-12-16 23:16       ` erik quanstrom [this message]
2007-12-17 16:54         ` Jonathan D. Proulx
2007-12-17 17:26           ` erik quanstrom
2007-12-17 18:33             ` Jonathan D. Proulx
2007-12-17 19:40           ` Wes Kussmaul
2007-12-17 17:52         ` Russ Cox
2007-12-17 21:05         ` Lyndon Nerenberg
2007-12-17 21:08           ` Lyndon Nerenberg
2007-12-17 21:10           ` erik quanstrom
2007-12-17 23:12             ` Lyndon Nerenberg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1a579fc66314c00596b0b6f99acf5fc8@quanstro.net \
    --to=quanstro@quanstro.net \
    --cc=9fans@cse.psu.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).