[Dovecot] Authentication in outlook
Amon Ott
ao at rsbac.org
Fri Nov 3 10:35:27 UTC 2006
On Freitag 03 November 2006 11:00, Gerard Seibert wrote:
> On Friday November 03, 2006 at 03:49:15 (AM) Amon Ott wrote:
>
> > Unfortunately, Outlook makes trouble with self signed SSL certs:
It
> > requires to accept the certificate again after every restart, what
is
> > very annoying for the users and makes it hard to recognize forged
> > certs. So you will have the choice to allow password sniffing,
annoy
> > your users, buy an official cert - or to get a decent mail client
> > installed.
>
> I would vote for the 'Official Cert' option. Seriously, unless you
are
> running a home based operation, why would you not be employing a
> properly signed certificate. After all, if you are offering SSL on
your
> mail server, you are going to need a signed certificate or else risk
> having problems with other servers that are going to flag your
server
> form using self signed certificates.
I am only speaking about IMAP/POP3 servers here. What other server is
supposed to access an IMAP or POP3 server? Sure an official cert is
better, but it also costs extra money.
As long as an IMAP/POP3 server is only accessed from inside a company
and not available from outside, self signed is fine for me. Most
clients will only warn when the cert has changed. If the cert has
been renewed after a year or such, people can still verify the
signature from other sources, but not every day.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the dovecot
mailing list