
Re: [LUG] Email and SSL

 

On Friday, 26 October 2018 13:01:51 GMT Neil wrote:
>
> Can anyone comment on this please? If it is better to use port 993
> because it is more secure, and I change that setting, will it cause me
> any problems? The outgoing server is set to port 587, whereas the
> recommendation is to use 465. I am using the Thunderbird client and
> there is only one outgoing server for all accounts. At least, if there
> is a way to have different outgoing servers for each account I have not
> found it.
> 
> Or should I just not mess with it?

IMAP can be done over an encrypted tunnel on port 993.

IMAP can be done using STARTTLS where it starts unencrypted and is encrypted 
before anything important on port 143.

IMAP can be unencrypted on port 143.

Personally I'm a fan of port 993, because it avoids the complexities of 
STARTTLS. But what matters is it is correctly encrypted, and that it checks 
certificates, and if the server doesn't offer a certificate or offers an invalid 
certificate it doesn't just leak your email.

Similar comments apply to submitting email.

465 is SMTP over an encrypted tunnel.

587 allows STARTTLS (or unencrypted).

If it matters to you, check that the email is being encrypted properly (tcpdump 
is still your friend).

I again prefer 465 with the tunnel for the same reason.

Realistically, if it is THAT important your email is protected 
cryptographically, you probably should avoid email entirely, as it is a 
cryptographic mess (as illustrated by this question).

Pragmatically, as long as you record what the settings were, feel free to play 
with them, but you may want to change your email password after you've played.


-- 
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
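
Added example, not part of the original message: one way a client can enforce what the reply above describes, using Python's standard `imaplib`, `smtplib` and `ssl` modules. It covers both the tunnel ports (993, 465) and the STARTTLS ports (143, 587), verifies the certificate and host name, and refuses to continue when STARTTLS is not offered. The function names `strict_context`, `require_starttls`, `open_imap` and `open_submission` are hypothetical, and the host is whatever the caller supplies.

```python
import imaplib
import smtplib
import ssl


def strict_context():
    """TLS context that verifies the certificate chain and host name."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED, check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def require_starttls(advertised):
    """Fail closed if STARTTLS is absent from the server's capability list."""
    if "STARTTLS" not in {str(cap).upper() for cap in advertised}:
        raise ConnectionError("STARTTLS not offered; not sending credentials")


def open_imap(host, port):
    """993: TLS from the first byte. 143: plaintext greeting, then STARTTLS."""
    ctx = strict_context()
    if port == 993:
        return imaplib.IMAP4_SSL(host, port, ssl_context=ctx)
    conn = imaplib.IMAP4(host, port)
    try:
        require_starttls(conn.capabilities)
        conn.starttls(ssl_context=ctx)  # raises on an invalid certificate
    except Exception:
        conn.shutdown()
        raise
    return conn


def open_submission(host, port):
    """465: TLS from the first byte. 587: plaintext EHLO, then STARTTLS."""
    ctx = strict_context()
    if port == 465:
        return smtplib.SMTP_SSL(host, port, context=ctx)
    conn = smtplib.SMTP(host, port)
    try:
        conn.ehlo()
        require_starttls(conn.esmtp_features)  # dict keyed by extension name
        conn.starttls(context=ctx)
        conn.ehlo()  # repeat EHLO inside the encrypted session
    except Exception:
        conn.close()
        raise
    return conn
```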