Re: webmail server & getpwnam "inherently unreliable" -- Precisely why is that?

From: Jem Berkes (
Date: 03/11/02

From: Jem Berkes <>
Date: Mon, 11 Mar 2002 06:10:34 GMT

> but in the end the machine is still using the same old smtp plain text
> login, so i don't really see the point and don't see how i can ensure
> security against a cracker sniffing what he knows to be the first N
> number of packets in a POP or IMAP exchange.

You're right (remember it's not SMTP for retrieving mail, however). I
don't know the specifics of those library calls, but in either case any
webmail type of system is going to use plaintext passwords.

This is a huge security risk, but you can get around it safely if the
following conditions are met:

1) Webmail is only available through SSL (eg Apache mod_ssl)
2) The webmail system is connected to the mail servers through a route
that never leaves the ISP (i.e. packets never go public)
3) No other access, i.e. no external POP access available on the same box
that does the webmail

> furthermore, the reason why they want a *browser* based email service
> is so that when they are on the road they can just use the clients'
> browsers to get their mail. Now correct me if i'm in error here, but
> isn't that a giant step in the direction of breaking security in
> itself? that means whatever crackers may be doing at client sites
> automatically infects this webmail server.


Check out nullwebmail. This thing's beautiful. I'm running it at my site
through SSL only.

Jem E. Berkes
IEEE member, Winnipeg Windows, Linux & UNIX software