|
Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere. |
|
Thread Tools |
4 May 2021, 10:31 PM | #31 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Hey Scott, and welcome to EMD!
I've been experimenting with this 2FA problem I have, it seems that it does work if I "X" out or close the webmail window, and then go to login again. But if I log off from webmail, and go to login again, it always asks for the TOTP code. |
6 May 2021, 07:49 PM | #32 |
Essential Contributor
Join Date: Aug 2007
Posts: 287
|
I signed up for an account and I am impressed so far.
There is an unique feature, not found in any other email providers, something like an automatic temporary identity: I have an alias set up in routing section. Let's say I receive an email sent to this alias, and it's delivered to my main email address. From Roundcube, if I hit reply to this email, the "from" address is automatically changed with the alias address. I did not setup an identity with the alias address, but it seems that the webmail use the alias address as "from" address when I want to reply to that email. It's something very useful and I am glad that it's working this way |
7 May 2021, 12:07 AM | #33 | ||
Junior Member
Join Date: May 2021
Posts: 4
|
Quote:
I assumed most users would stay logged in (on a trusted device) or login/logout completely (on an untrusted device). Would a separate "trust this device" option for 2FA so you would need your password but not the 2FA be useful? Quote:
I personally go through a lot of disposable aliases. Technically you can send email as any address you own, which includes everything under your domains. |
||
7 May 2021, 12:28 AM | #34 | |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Quote:
Please do consider a separate "trust this device" option. |
|
7 May 2021, 05:41 PM | #35 | |
Essential Contributor
Join Date: Dec 2017
Location: Scotland
Posts: 483
|
Quote:
I mean: I'd trust a home pc, using a wired internet connection, more than a public pc or one using a public wifi connection... but in none of these situations is it impossible that my pc could get stolen, or 'borrowed' for temporary use eg by a house guest I wouldn't want a stolen machine to let anyone else log into any service I use. |
|
7 May 2021, 08:18 PM | #36 | |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,683
|
Quote:
|
|
8 May 2021, 06:42 PM | #37 |
Member
Join Date: Nov 2013
Posts: 61
|
I don't understand why a person would want 2FA and then want a checkbox to bypass it. The strength of TOTP is in adding a time factor to the existing HMAC-SHA-1 one-time password. Those "remember this device" options reduce the security of this.
I think it's a mark of quality that Purelymail does not permit this. (You can read RFC 6238 & 4226 for background on this.) |
21 May 2021, 11:50 PM | #38 | |||
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
DMARC Question
I have set a DMARC TXT record for a domain in the format:
Quote:
Quote:
Quote:
Am I missing something here? |
|||
22 May 2021, 12:06 AM | #39 | |||
Junior Member
Join Date: May 2021
Posts: 4
|
Quote:
It's fine to roll your own DMARC txt record, the DNS checker just won't recognize it. There's no action tied to it recognizing your DMARC record in particular. Yours would read: Quote:
Quote:
(Also, we wouldn't get DMARC reports for your domain, which we do automatically check.) |
|||
22 May 2021, 12:24 AM | #40 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Thanks for that quick response, Scott. Most appreciated.
If I were to create that CNAME record, would that be of any help (or hindrance) to Purelymail? |
28 May 2021, 09:54 PM | #41 | |
Junior Member
Join Date: May 2021
Posts: 4
|
Quote:
Anyway, it might kind of help, although not in any big way- it's fine to leave your setup as is. Just make sure you don't have a CNAME and a TXT record at the same time. |
|
Thread Tools | |
|
|