On Sat, 24 Oct 2015 04:17:33 PM Brian May wrote:
Russell Coker <russell@coker.com.au> writes:
On Sat, 24 Oct 2015 12:12:34 PM Brian May wrote:
I think you might be confused, I wasn't talking about contacting the destination SMTP server directly, I was talking about contacting a remote authenticated queuing SMTP server directly.
Why not run a local queuing SMTP server?
On a laptop computer? Doesn't make a lot of sense. It won't keep retrying to send the message while the laptop is disconnected from the Internet or suspended.
Makes sense to me, I've been doing it for >10 years. NOTHING on a laptop will keep retrying when the laptop is disconnected. But if everything works as desired then Postfix on localhost will deliver to your ISP in a second or so.
Why would anyone want to do that? Anyone who can read the file on disk probably has access to exploit you in so many other ways that they are going to get the password anyway.
Say if your laptop computer was lost or stolen. If you don't have your SMTP/IMAP password stored on your filesystem, then there is no way they can access future emails or send emails via your MTA. Maybe they can't even access your old emails either, that depends on if the emails are downloaded or cached.
If you encrypt the filesystems then they can't do those things. Also standard procedure is to change passwords after a device is stolen. But if you want good performance for reading email over the Internet then offline IMAP is the way to go.
(even worse if you use the same password for more then just email services - e.g. if it is a Google account)
Just don't do that. Google has a mechanism for assigning different passwords for various purposes. If someone stole the system that I use for getting gmail.com mail then I would use the master password to revoke that password. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/