ESMTPA vs. ESMTPS (was: SPF implementations)2005-08-16 09:41:47Arjen de Korte wrote: But anyone sniffing the connection, might replay the encoded password. AFAIK you can only hi-jack the session as "man in the middle". There's no way to get the password by "watching" CRAM-MD5 or similar SASL mechanisms. Also no realistic dictionary attack. Bye, Frank
|
|