EmailDiscussions.com  

Go Back   EmailDiscussions.com > Discussions about Email Services > Email Comments, Questions and Miscellaneous
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere.

Reply
 
Thread Tools
Old 28 May 2012, 05:59 AM   #16
kijinbear
Cornerstone of the Community
 
Join Date: Mar 2011
Location: ~$
Posts: 647
Quote:
Originally Posted by krimlin View Post
I think, the Enhanced account is able to manage this.
Oh, it's already supported? George_B's reply above ("it's up to the remote servers to decide if they wish to consider your mail Spam or not") seemed to suggest otherwise. Can somebody confirm, please?
kijinbear is offline   Reply With Quote
Old 28 May 2012, 06:17 AM   #17
George_B
Cornerstone of the Community
 
Join Date: Jan 2008
Posts: 694

Representative of:
PolarisMail.com
Quote:
Originally Posted by kijinbear View Post
Oh, it's already supported? George_B's reply above ("it's up to the remote servers to decide if they wish to consider your mail Spam or not") seemed to suggest otherwise. Can somebody confirm, please?
It is supported.

There are two scenarios however:

1. You e-mail through our SMTP servers using an identity that's not hosted by us, in which case some remote servers might consider your e-mail Spam

2. You e-mail through your own SMTP servers using an identity that's hosted by your servers. This shouldn't get your labeled as Spam.

We support both methods with the Enhanced e-mail.
George_B is offline   Reply With Quote
Old 28 May 2012, 06:55 AM   #18
kijinbear
Cornerstone of the Community
 
Join Date: Mar 2011
Location: ~$
Posts: 647
Quote:
Originally Posted by George_B View Post
It is supported.
Ha, I should probably stop being so stingy and upgrade to Enhanced

By the way, how do you manage login credentials for third-party SMTP servers? Plain-text columns in the same big database?
kijinbear is offline   Reply With Quote
Old 28 May 2012, 08:03 AM   #19
George_B
Cornerstone of the Community
 
Join Date: Jan 2008
Posts: 694

Representative of:
PolarisMail.com
Quote:
Originally Posted by kijinbear View Post
Ha, I should probably stop being so stingy and upgrade to Enhanced

By the way, how do you manage login credentials for third-party SMTP servers? Plain-text columns in the same big database?
Every account is stored in a separate database, accessed by a different set of login credentials. Furthermore, information is encrypted using a different salt for each account.

In the case of third-party SMTP servers we are forced to store it in the clear however. It's still protected in its own secure database.
George_B is offline   Reply With Quote
Old 28 May 2012, 09:07 AM   #20
kijinbear
Cornerstone of the Community
 
Join Date: Mar 2011
Location: ~$
Posts: 647
Quote:
Originally Posted by George_B View Post
Every account is stored in a separate database, accessed by a different set of login credentials. Furthermore, information is encrypted using a different salt for each account.

In the case of third-party SMTP servers we are forced to store it in the clear however. It's still protected in its own secure database.
Thanks for the clarification. I'm thinking you could perhaps encrypt third-party credentials with the user's own password so that it is decrypted only when needed... But what you're doing is still leaps and bounds better than some other providers (ahem FM ahem) who didn't even encrypt their users' passwords the last time the topic came up in these forums. That should be good enough unless OP is really paranoid.
kijinbear is offline   Reply With Quote
Old 29 May 2012, 03:00 AM   #21
krimlin
Essential Contributor
 
Join Date: Dec 2009
Posts: 242
Quote:
Originally Posted by George_B View Post
This feature has just been implemented. You can find it under your 'Local Delivery' option in the Control Panel.
I just played a bit by enabling and disabling "Local Delivery", but i didn't notice any difference regarding this feature request. Messages sent via SMTP have not been saved in my "Sent" folder.

Could you tell us a bit more about how to use it?
krimlin is offline   Reply With Quote
Old 29 May 2012, 03:14 AM   #22
SethM
Senior Member
 
Join Date: Oct 2009
Location: Nevada
Posts: 128

Representative of:
Rollernet.us
Quote:
Originally Posted by kijinbear View Post
Thanks for the clarification. I'm thinking you could perhaps encrypt third-party credentials with the user's own password so that it is decrypted only when needed... But what you're doing is still leaps and bounds better than some other providers (ahem FM ahem) who didn't even encrypt their users' passwords the last time the topic came up in these forums. That should be good enough unless OP is really paranoid.
IMO that would be just as bad as storing the user's password in the clear. User passwords should be one-way hashed, never encrypted (which is reversible).

http://en.wikipedia.org/wiki/Cryptog..._hash_function

Last edited by SethM : 29 May 2012 at 03:15 AM. Reason: Wikipedia link on hashing
SethM is offline   Reply With Quote
Old 29 May 2012, 03:46 AM   #23
George_B
Cornerstone of the Community
 
Join Date: Jan 2008
Posts: 694

Representative of:
PolarisMail.com
Quote:
Originally Posted by krimlin View Post
I just played a bit by enabling and disabling "Local Delivery", but i didn't notice any difference regarding this feature request. Messages sent via SMTP have not been saved in my "Sent" folder.

Could you tell us a bit more about how to use it?
Make sure you hit Ctrl-F5 on that page. Your browser might still have cached the old version. Local Delivery should always be enabled but below it there is an option to save your sent mails in a specific folder...

Quote:
Originally Posted by SethM View Post
IMO that would be just as bad as storing the user's password in the clear. User passwords should be one-way hashed, never encrypted (which is reversible).

http://en.wikipedia.org/wiki/Cryptog..._hash_function
Correct. We'd rather store third party SMTP credentials in the clear than your password...
George_B is offline   Reply With Quote
Old 29 May 2012, 04:13 AM   #24
kijinbear
Cornerstone of the Community
 
Join Date: Mar 2011
Location: ~$
Posts: 647
Quote:
Originally Posted by SethM View Post
IMO that would be just as bad as storing the user's password in the clear. User passwords should be one-way hashed, never encrypted (which is reversible).
Ideally, yes. But login credentials to third-party SMTP servers must be available in plain text whenever the user tries to use the corresponding identity, so you can't hash them with an irreversible one-way algorithm.

Still, reversible encryption would thwart a lot of potential attackers, so it has some value. Since data at rest (on disk) is now protected with a password that isn't stored in plain text in the first place, an attacker who wants to see plain-text credentials faces the much more difficult task of capturing them just as they are being decrypted (in RAM). Security isn't all or nothing. Just because you can't protect against every attack doesn't mean you don't need to protect against some attacks.

But again, this is just something I'd put at the bottom of a very long wishlist. I would not hold it against any e-mail service provider if they didn't encrypt login credentials to third-party SMTP servers. Polarismail is a very competent company and I trust that they can keep their servers out of harm's way.
kijinbear is offline   Reply With Quote
Old 29 May 2012, 04:16 AM   #25
krimlin
Essential Contributor
 
Join Date: Dec 2009
Posts: 242
Quote:
Originally Posted by George_B View Post
Make sure you hit Ctrl-F5 on that page. Your browser might still have cached the old version. Local Delivery should always be enabled but below it there is an option to save your sent mails in a specific folder...
Tried it with 3 browsers now, always with Ctrl+F5, but it only shows the option to enable or disable. However, when I change and save it, the error message "The folder you entered does not exist" comes up.
But I don't see an option to select a folder to save sent mails.
krimlin is offline   Reply With Quote
Old 29 May 2012, 04:36 AM   #26
George_B
Cornerstone of the Community
 
Join Date: Jan 2008
Posts: 694

Representative of:
PolarisMail.com
Quote:
Originally Posted by krimlin View Post
Tried it with 3 browsers now, always with Ctrl+F5, but it only shows the option to enable or disable. However, when I change and save it, the error message "The folder you entered does not exist" comes up.
But I don't see an option to select a folder to save sent mails.

PM me your e-mail address
George_B is offline   Reply With Quote
Old 29 May 2012, 05:54 AM   #27
George_B
Cornerstone of the Community
 
Join Date: Jan 2008
Posts: 694

Representative of:
PolarisMail.com
Quote:
Originally Posted by krimlin View Post
Tried it with 3 browsers now, always with Ctrl+F5, but it only shows the option to enable or disable. However, when I change and save it, the error message "The folder you entered does not exist" comes up.
But I don't see an option to select a folder to save sent mails.
Fixed. There was an issue with a folder name that had accents in it but it got solved pretty easily. Try again now.
George_B is offline   Reply With Quote
Old 29 May 2012, 10:13 PM   #28
Tsunami
The "e" in e-mail
 
Join Date: Jun 2004
Location: in between the bright lights and the far unlit unknown
Posts: 2,090
George, I sent you an email message as you indicated in the PM. Awaiting your responses with curiosity
Tsunami is offline   Reply With Quote
Old 31 May 2012, 01:16 AM   #29
mrsmashy
Junior Member
 
Join Date: May 2012
Posts: 9
Quote:
Originally Posted by George_B View Post
It's even easier with Thunderbird since it has the Lightning extension for CalDAV.
Do you have a CardDAV extension in Thunderbird for Linux ?
Pardon my ignorance, but if I use a CardDAV client on my desktop and ActiveSync on my Android phone, will PolarisMail keep everything in sync?
mrsmashy is offline   Reply With Quote
Old 31 May 2012, 02:25 AM   #30
George_B
Cornerstone of the Community
 
Join Date: Jan 2008
Posts: 694

Representative of:
PolarisMail.com
Quote:
Originally Posted by mrsmashy View Post
Pardon my ignorance, but if I use a CardDAV client on my desktop and ActiveSync on my Android phone, will PolarisMail keep everything in sync?
What is the CardDAV client ? Our current implementation doesn't work well with some clients but in the new version there should be no issues.

Out of curiosity, do many people prefer LDAP over CardDAV ?

We have no support for LDAP at the moment but might be considering if there is enough requests for it...
George_B is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 06:02 PM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy