"Is is safe?"
I just wander about security of sending the registration information over the (inherently) insecure SMTP.
My webmail server uses SSL, meaning nobody can see the exchanged data (unlike GMail or Yahoo, which use SSL only for logging in). But all incoming messages are sent and received in a plain form, unless all MX servers - sending and receiving (including eventual "mid" email relays) - support TLS. GMail and Yahoo do not support it.
Therefore, it is fairly easy to eavesdrop network along the path from sending to receiving server, thus stealing the keys by filtering SMTP.
I see dvdfab's server supports TLS, as well as my MX server. However, there's no way to tell whether mail.dvdfab.com would actually use TLS to send the email with keys...
Just something to think about.
Originally posted by fengtao
View Post
My webmail server uses SSL, meaning nobody can see the exchanged data (unlike GMail or Yahoo, which use SSL only for logging in). But all incoming messages are sent and received in a plain form, unless all MX servers - sending and receiving (including eventual "mid" email relays) - support TLS. GMail and Yahoo do not support it.
Therefore, it is fairly easy to eavesdrop network along the path from sending to receiving server, thus stealing the keys by filtering SMTP.
I see dvdfab's server supports TLS, as well as my MX server. However, there's no way to tell whether mail.dvdfab.com would actually use TLS to send the email with keys...
Just something to think about.
Comment