Florin Andrei wrote: > >> If you have a decent password (on all accounts) I wouldn't worry about >> about it too much. Move it to an odd port or even require a client >> certificate if your client software supports it. > > The non-standard port is a good trick, but even assuming the iPhone does > support it (which is far from certain, the interface is very simple and > terse), I'm still a bit uncomfortable. All it takes is a stupid buffer > overflow, and a script kiddie with patience and a portscanner - even if > you send packets to DROP, it's still scannable, it just takes much > longer. Port knocking is probably not doable (or not easily) from the > iPhone. > > Maybe I don't trust the IMAP server enough to expose it. Maybe I should. Anything that can survive in a university environment should be safe enough for the rest of us. But the client certificate requirement would really nail it down if that's a possibility. You can do it with stunnel if the native IMAP service is difficult to configure for ssl (or even on a different internal machine). -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos