Finally, secure e-mail connections

Thu 09 October 2003 by Kevin van Haaren

Took me a few days to figure out what I was doing but I’ve now got my external server offering pop3 and smtp over ssl connections. Since I don’t use FTP (hmmm, need to look into SFTP next) I’ve eliminated all cleartext password passing from my server (well, except for the password for this web site. Guess I’ll work on that in a couple of months)

My smtp server has always used CRAM-MD5 authentication so that password was never cleartext, but my pop server has been.

An added advantage of moving to SSL connections is that the data is encrypted too. So when I travel I can download my e-mail via wireless or unprotected net connections and not have to worry about others reading my mail.

Of course when I send mail the connection is only encrypted from my computer to my smtp server, it’ll be cleartext after than, but it definitely is safer than before.

I’m working on documentation on how I set this up next.