Pop connector in SBS03 at 1 minute?
|
Prev: Hello
Next: Brown Forman Louisville
From: kj [SBS MVP] on 2 Jun 2010 22:50 It's the 4-10MB attachments sent to multiple recepeints handled by your POP connector that gets you. Sooner or later it's going to break and you'll likely end up with no inbound email through the POP connector. Besides the limitations with Bcc and pop connectors. Newtime wrote: > Russ SBITS.Biz [SBS-MVP] wrote: >> Along with the other reasons mentioned >> You can have Duplication of messages and in some cases Delayed >> Messages. (if they are large.) >> >> Change your MX Records Open up Port 25 >> and don't use the POP3 at all >> Easier, and it works.. >> >> And you are not passing everyone's passwords in PLAIN Text over the >> WAN (Like you are with POP3) >> >> Russ >> > > But email is pretty much in plain text anyway with whatever delivery > mechanism you use. > > And not sure Ive ever seen anyone hack the Internet backbone to get > someones POP password. If it were an issue millions of Outlook > Express/Windows Mail/Eudora etc. users would have been in trouble some > time ago. > > "Many ISPs won't let you query a server much more often than that > because of the network overhead it incurs.." > > I've never seen this in a decade - but which ISPs are these that you > know of? By default stand alone Outlook collects every 5 minutes and > Ive never seen any issue there and its the exact same POP mechanism > as the POP3 connector. An ISPs 'stand alone' POP users will number > thousands more than those using a POP connector in SBS so dont see > how this would be an issue. -- /kj
From: Russ SBITS.Biz [SBS-MVP] on 2 Jun 2010 22:57 Plus if you moved away from POP3 you'd never have the issues where you are asking to change it to 1 min. Email is instantly delivered... As you know Time=Money :) Russ -- Russell Grover - SBITS.Biz [SBS-MVP] MCP, MCPS, MCNPS, SBSC Remote Small Business Server/Computer Support - www.SBITS.Biz BPOS - Microsoft Online Services - www.Microsoft-Online-Services.com "kj [SBS MVP]" <KevinJ.SBS(a)SPAMFREE.gmail.com> wrote in message news:#f3HResALHA.4920(a)TK2MSFTNGP04.phx.gbl... > It's the 4-10MB attachments sent to multiple recepeints handled by your > POP connector that gets you. > > Sooner or later it's going to break and you'll likely end up with no > inbound email through the POP connector. > > Besides the limitations with Bcc and pop connectors. > > Newtime wrote: >> Russ SBITS.Biz [SBS-MVP] wrote: >>> Along with the other reasons mentioned >>> You can have Duplication of messages and in some cases Delayed >>> Messages. (if they are large.) >>> >>> Change your MX Records Open up Port 25 >>> and don't use the POP3 at all >>> Easier, and it works.. >>> >>> And you are not passing everyone's passwords in PLAIN Text over the >>> WAN (Like you are with POP3) >>> >>> Russ >>> >> >> But email is pretty much in plain text anyway with whatever delivery >> mechanism you use. >> >> And not sure Ive ever seen anyone hack the Internet backbone to get >> someones POP password. If it were an issue millions of Outlook >> Express/Windows Mail/Eudora etc. users would have been in trouble some >> time ago. >> >> "Many ISPs won't let you query a server much more often than that >> because of the network overhead it incurs.." >> >> I've never seen this in a decade - but which ISPs are these that you >> know of? By default stand alone Outlook collects every 5 minutes and >> Ive never seen any issue there and its the exact same POP mechanism >> as the POP3 connector. An ISPs 'stand alone' POP users will number >> thousands more than those using a POP connector in SBS so dont see >> how this would be an issue. > > -- > /kj >
From: Cliff Galiher - MVP on 3 Jun 2010 00:29
The password being in plain-text is only one of several issues which I covered in my previos post. But to address the security question, there is a difference between email being sent in plain-text and passwords being sent in plain-text, and it isn't the internet backbone that is the concern. As an example, many people who use POP3 are connecting to an account managed by their ISP. Their POP3 password is also the password to other management features of their ISP account and may even have access to billing information (think credit cards). Now lets say you have a laptop that pulls mail via pop3 and you are in a coffee shop that offers wireless internet. Even if the wireless connection is secured with WAP, if the person/consultant who set up the wireless service for the coffee shop were of questionable morals (very rarely do these businesses set these systems up completely on their own), he could have set up their hotspot with a gateway server to present company information and also, as a nice little bonus, has that gateway server monitoring traffic and scraping passwords. Because the gateway is not on the wireless/encrypted part of the conversation, it can easily get those POP3 passwords and presto, any information protected by that password (and we all know people re-use passwords even though it isn't a good idea) is now exposed. Now, granted, the SBS server and pop3 connector won't be connecting to a coffee shop wireless connection anytime soon. BUT one of the most common justifications I hear for using pop3 is that "people can still access their mail even if the server is offline or they are away from the office." In other words, they are POPping from laptops as well. Another possibility is that with larger ISPs (think cable or DSL) the local point-of-presence is manned by a keyboard lackey making just above minimum wage. They centralize account management and customer support, so the "local" person is not involved in that aspect of the business. They strictly maintain the local presence equipment, routing tables, etc. Since they won't have access to a person's account information, is not part of the customer service staff, etc, if they are of questionable morals and feel they are in a dead end job, they take it out on their employer by abusing customers. It happens more often than you think, the latest box-store breach that hit the news a few months back was because of this type of scenario. My point being that getting a password is about more than just getting mail. And it doesn't have to be the backbone that is hacked. Sending passwords in plain-text is just plain not a good idea, and thus is still one (of many) valid reasons to lose pop3 sooner instead of later. -- Cliff Galiher Microsoft has opened the Small Business Server forum on Technet! Check it out! http://social.technet.microsoft.com/Forums/en-us/smallbusinessserver/threads Addicted to newsgroups? Read about the NNTP Bridge for MS Forums. "Newtime" <Newtime22(a)hotmail.com> wrote in message news:OC8Rd0rALHA.1888(a)TK2MSFTNGP05.phx.gbl... > Russ SBITS.Biz [SBS-MVP] wrote: >> Along with the other reasons mentioned >> You can have Duplication of messages and in some cases Delayed Messages. >> (if they are large.) >> >> Change your MX Records Open up Port 25 >> and don't use the POP3 at all >> Easier, and it works.. >> >> And you are not passing everyone's passwords in PLAIN Text over the WAN >> (Like you are with POP3) >> >> Russ >> > > But email is pretty much in plain text anyway with whatever delivery > mechanism you use. > > And not sure Ive ever seen anyone hack the Internet backbone to get > someones POP password. If it were an issue millions of Outlook > Express/Windows Mail/Eudora etc. users would have been in trouble some > time ago. > > "Many ISPs won't let you query a server much more often than that because > of the network overhead it incurs.." > > I've never seen this in a decade - but which ISPs are these that you know > of? By default stand alone Outlook collects every 5 minutes and Ive never > seen any issue there and its the exact same POP mechanism as the POP3 > connector. An ISPs 'stand alone' POP users will number thousands more than > those using a POP connector in SBS so dont see how this would be an issue. > > > |