lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: Azerail at (Azerail)
Subject: Is the FBI using email Web bugs?

On Thu, 08 Jan 2004, Ben Nelson wrote:

> Poof wrote:
> >Actually- the problem with that is that fine... it won't allow any ports
> >except for the needed 25/110/143... Then what's to stop an image from using
> > whatever)
> >
> >... Nothing!
> >
> >Nice try though... Best protection is through your email client. O2K3 does
> >it native ^^
> >
> I realize that, my point was that blocking more is better than blocking 
> less.  Whenever you can block everything and allow only the needed 
> traffic, you'll be better off.  Removing as many possible 'phone home 
> vectors' as possible certainly can't hurt and is good security policy in 
> general.
> --Ben

Why don't you guys just cut to the root of the problem and not use
mail clients that access files on other people's servers when you read
your mail.  HTML e-mail sucks.


To be wise, the only thing you really need
to know is when to say "I don't know."

Powered by blists - more mailing lists