[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Best way to check email securely?
- Subject: Re: [cobalt-security] Best way to check email securely?
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Fri, 01 Mar 2002 10:12:26 -0800
- Organization: nobaloney.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Michael Korolew wrote:
> Using programs like Eudora with apop, sftp from openssh, ssh
> program like SecureCRT instead of telnet, and using SSL whenever they need
> to authenticate themselves browsing, also making sure to change around
> their passwords regularly.
There are lots of ways to keep secure without having to resort to
webmail.
I find webmail about the worst abomination there is; I offered it to
dialup clients for some time, and I'll offer it to hosting clients on
request. But I'd never force anyone to use it. I know if I was forced
to use it I would NOT use that hosting company. And if I was forced to
change my email client to use a hosting company, I wouldn't do that
either.
We use some other basic ways of staying relatively secure:
Most people want their company email forwarded to a personal account,
and we encourage that <smile>.
We use coded accounts for email, with aliases for the email address. In
otherwords, jeff@xxxxxxxxxxxxx may go to something like abx3dde0. We
also use complex passwords, something like AbcDEqd3, that cannot be
easily guessed. And we do NOT give email users any other kinds of
rights at all.
We've also considered running email on a separate server, but using the
Cobalt platform that's a bit more complex than it's worth.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484