first a thanks to those quick answers.
However, the issue of no SSL support for that part is largely minimal
- you're passing the traffic over the loopback in nearly all cases.
To sniff the traffic you'd have to be on the box itself.
yes. but in this case i could provide a useful service. not all people
have their own imap/pop-daemons at home and fetch mail to self-managed
boxes. i think, and have gotten thumbs-up from three people on this, that
it would be a great service if you could fetch mail from somewhere and put
i know that this kind of blasts the idea of smtp, but it can be done, so i
can't be all wrong :)
Note that protecting the traffic with SSL is pointless unless the
entire transit, from sender to recipient, is similarly protected, and
the data is encrypted when it's sat on the IMAP/POP server(s).
hehe. i hoped noone would say that.
how can we ever get to the point where all mailservers support tls, when
people always say "makes no sense, the other one doesn't encrypt". i
personally like to say it's not my fault, because i had it.
i even am in the process of enforcing the use of ssl-protected
mail-connections for my users, because of the spreading use of open and
unprotected wireless networks. but thats for fetching mail.
the thing is: i don't want to use stunnel. i personally have neither
enough knowledge in programming nor the money to pay someone who does to
implement ssl/tls-encryption for transmitting to smtp servers.
so have this issue as an nice-to-have from some user :)