"Sebastian Lechte" <seb(_at_)stian(_dot_)lechte(_dot_)net> writes:
first a thanks to those quick answers.
However, the issue of no SSL support for that part is largely minimal
- you're passing the traffic over the loopback in nearly all cases.
To sniff the traffic you'd have to be on the box itself.
yes. but in this case i could provide a useful service. not all people
have their own imap/pop-daemons at home and fetch mail to self-managed
No, but the IMAP server can also have an MTA such as Exim or Postfix for
local injection - and then you don't need SSL.
hehe. i hoped noone would say that.
how can we ever get to the point where all mailservers support tls, when
people always say "makes no sense, the other one doesn't encrypt".
This is pointless. For proper mail security, it's end-to-end security,
hence a matter of the client. And if the clients en/decrypt the
messages, there's no point in the servers doing it again.