From 80da15d978554fa99a6307bbf58fc7b59d035bd3 Mon Sep 17 00:00:00 2001 From: "Eric S. Raymond" Date: Sat, 26 Feb 2000 08:20:05 +0000 Subject: Add note about end-to-end privacy. svn path=/trunk/; revision=2775 --- fetchmail-FAQ.html | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html index 0c958c25..10954351 100644 --- a/fetchmail-FAQ.html +++ b/fetchmail-FAQ.html @@ -10,7 +10,7 @@
Back to Fetchmail Home Page To Site Map -$Date: 2000/02/26 04:34:10 $ +$Date: 2000/02/26 08:20:05 $

Frequently Asked Questions About Fetchmail

@@ -430,10 +430,16 @@ concentrator you dial in to and the mailserver host).

Having realized this, you need to ask whether password encryption alone will really address your security exposure. If you think you -might be snooped, it's better to use end-to-end encryption on your -whole mail stream so none of it can be read. One of the advantages of -fetchmail over conventional SMTP-push delivery is that you may be able -to arrange this by using ssh(1); see K3.

+might be snooped between server and client, it's better to use +end-to-end encryption on your whole mail stream so none of it can be +read. One of the advantages of fetchmail over conventional SMTP-push +delivery is that you may be able to arrange this by using ssh(1); see +K3.

+ +Note that ssh is not a complete privacy solution either, as your mail +could have been snooped in transit to your POP server. For best +security, agree with your correspondents to use a tool such as GPG +(Gnu Privacy Guard) or PGP (Pretty Good Privacy).

If ssh/sshd isn't available, or you find it too complicated for you to set up, password encryption will at least keep a malicious cracker @@ -2608,7 +2614,7 @@ terminate it.

Back to Fetchmail Home Page To Site Map -$Date: 2000/02/26 04:34:10 $ +$Date: 2000/02/26 08:20:05 $

Eric S. Raymond <esr@snark.thyrsus.com>
-- cgit v1.2.3