Bruce Barnes wrote:
Remember, accomplishing SSL between the client and the provider really does
nothing because all e-mail is sent as PLAIN TEXT between providers anyway
and there is NO security in e-mail while it is in transport. Never has
been.
The point of TLS (SSL) during Auth is to protect that password, not the
message body. I think it's essential if you are using Plain/Login, but
unecessary if you are using a shared secret mechanism.
Scott K
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com