Re: Mutt Next Generation
On Thu, 27 Jan 2005 18:12:44 +0100, David Schweikert said:
> Hmmm, no. Can you explain? The passwords are transferred using TLS
> encryption of course and the users already use that password for
> IMAP
General precaution is to use a given credential only for one purpose.
In this case, assuming a shared secret (password), it is known at
several sites, thus increasing the risk of a compromise. The admin
of the outgoing server might not be aware that the AUTH password is
also used for POP3 and SMTP, or even as the login password. Thus he
might not take enough care to protect this password. That MTA is a
primary attack target, because having access to the AUTH passwords of
all users of that MTA also allows them to read the users' mailboxes,
pretending to be those users, or in the worst case (if all
passwords are the same) to log in as any of the users.
A TLS connection does not help if the server has been compromised.
The only way out of this is to use public key authentication, which to
my knowledge is not that widespread. Of course this would violate
the general rule of not using a key for different purposes. However
when analyzing the possible threats, this is in most cases acceptable.
> (or are you suggesting also using another password for that?).
Sure. Not that many years ago the usual way to crack a system was to
snoop POP3 passwords and then use them for login. Only possible because
it is so convenient to use the same password for all purposes.
> It seems to me that this is more of an ideological problem than a real
> one. My guess is that the additional code for SMTP AUTH in mutt would be
We are doing Unix, and a basic principle there is to connect small
and dedicated tools to build an application. That is not an
ideological problem but a design principle.
Shalom-Salam,
Werner