North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: heads up ... another imapd attack source

  • From: Dave Crocker
  • Date: Wed Dec 16 14:26:37 1998

At 11:09 AM 12/15/98 -0800, Roeland M.J. Meyer wrote:
>>this means that any user who is traveling, and happens to try to get their
>>mail while accessing from a .edu site won't be able to pick it up.
>
>Only if they are accessing mail on MHSC systems, from an *.EDU dial-up.

That's right.  Only an MHSC customer.

>There are other dial-up options and MHSC has direct dial-up ports
>available. Also, we do allow VPN tunnels from *.EDU, but only to directed
>hosts with no routing and on advanced arrangement. The user that does so,
>does it under our TOS and AUP.

If they know enough detail "ahead of time".  Hence they are prevented from
the benefit of opportunistic access.

>>since imap popularity is growing, lack of imap service is also problematic.
>
>It's balance of problems. We consider the rootkit risk more severe than the
>loss of business from *.EDU sites. We have secure POP3 and Web-based (SSL)

It isn't a question of loss of business from a .edu site.  It is a question
of loss of business from an MHSC customer who is traveling.

d/

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Dave Crocker                                       Tel: +60 (19) 3299 445
<mailto:[email protected]>             Post Office Box 296, U.P.M.
                                         Serdang, Selangor 43400 MALAYSIA
Brandenburg Consulting                                          
<http://www.brandenburg.com>                       Tel: +1 (408) 246 8253
Fax: +1(408)273 6464              675 Spruce Dr., Sunnyvale, CA 94086 USA