Is sending mail from local machine with no encryption unsafe [closed] - email

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
note: I'm working on wordpress but this isn't a wordpress question.
I have a wordpress site sitting on my local machine and I need it to send emails to newly registered users.
I managed doing it with a plugin.
As a mail server I'm using the SMTP server of the host of my online websites (justhost).
The settings I'm using are:
SMTP Host: mail.mydomain.com
SMTP Port: 2626
Authentication: SMTP authentication
username: my username on justhost
password: my password on justhost
In the Encryption setting I chose no encryption, since this is the only way I managed sending a mail. SSL encryption didn't work.
So my question is: is this unsafe? Are the message contents exposed?
And more importantly - are my username and password exposed?

If there is an attacker between you and your SMTP server he can intercept the message. And I think your password is exposed too.
But why don't you simply look into your traffic with wireshark?

Related

SMTP mail setup on Wiki.Js [closed]

Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 days ago.
Improve this question
I need help setting up the smtp mail on Wiki.Js. I have recently hosted wikijs on a sub domain and tried to setup mail but it ssl port error or invalid authentication data. I have used sendgrid and smtp2go with both of them same error.
Invalid login: 535 Incorrect authentication data
OR
139801162820400:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:331:
I have gone through the docs of sendgrid and smtp2go and followed step by step.
Sendgrid Docs
SMTP2Go
How to solve this?
These errors typically indicate incorrect credentials over port 443, or a mismatch between the SSL/TLS protocol versions being used by the client and server. Ensure that the same OpenSSL version and TLS version is used on both ends.
You can also check this thread about the same Error. It may help you fix the issue.

Can kubernetes TLS certificates be signed by a public Certificate Authority? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 months ago.
Improve this question
Can kubernetes TLS certificates be signed by a public Certificate Authority?
Our cluster was security scanned using Nessus and it brought to light a few "vulnerabilities".
Description: The server's X.509 certificate cannot be trusted
Solution: Purchase or generate a proper SSL certificate for this service.
Output:
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
-Subject : CN=kube-apiserver
-Issuer : CN=kubernetes
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : CN=<redacted>-ca#1651240129
|-Issuer : CN=<redacted>-ca#1651240129
I found in the documentation where you can setup the cluster in External CA mode, but does not seem like this could work based on how the PKI works in Kubernetes (1.23.x). https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/#renew-certificates-with-external-ca
IIRC, internal cluster certificates must be signed by the in-cluster CA.
But ingress certificates (ones which are visible outside the cluster) CAN be signed by authorities such as Entrust or Symantec.

is SSL encryption done automatically? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I am new to SSL.
Right now I am developing an cordova mobile application.
According to digicert tutorial, there are 5 steps for ssl handshake(? I am not sure if this is right terminology)
Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself.
Server sends a copy of its SSL Certificate, including the server’s public key.
Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.
Server and Browser now encrypt all transmitted data with the session key.
I am trying to send a request to a backend server which is secured with SSL. Is there any extra step that I have to implement in order to do steps 1-5 or is all I have to do changing the url from http to https? If I send a request to https://url, Are steps 1-5 going to be done automatically?
The SSL Handshake steps you have explained are perfect and in a proper queue. You do not need to implement any extra step.
The SSL Handshake process will be held between the browser and server, If the genuine SSL installed properly in the server, the browser will complete the handshake process without falling for any error.

Cloudflare Flexible SSL and secure email forms [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
If I was needing a secure contact form that uses SSL to encrypt/secure a contact email form would I need an actual SSL certificate or would CloudFlare's Flexible SSL be enough?
According to Cloudflare, Flexible SSL only provides SSL between the visitor and CloudFlare. Therefore visitor sees HTTPS on your site, but there will be no SSL between CloudFlare and your web server. However your visitors will still see the site as being HTTPS enabled. But This doesn't mean that you will get secure connection all the way from client to server. If you really need security, go with cloudflare's Full SSL or Full SSL (Strict). In that case You'll need to have a valid SSL certificate installed on your web server.
References : SSL at CloudFlare

Multiple or Wildcard SSL? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 4 years ago.
Improve this question
Please can you advise whether we need a wildcard SSL or 2 separate SSL certificates?
My domain DNS A records are:
mydomain.com /
*.mydomain.com
We have built an application with Zend Framework which will alter routes and create subdomains for 1000's of users like user.mydomain.com
You'd need a wildcard certificate. A standard SSL certificate verifies a SINGLE dns hostname, like "www.domain.com". You'd need a separate certificate for EACH of your individual user hostnames, which will probably bankrupt you and make godaddy/verisign very happy.
I believe Marc is wrong here. I have a zend application that secure multiple subdomains using a single wild card ssl certification. The only issue is that all the subdomains have to be under the same root domain. You can't mix different subdomains with different domains.
For example, user1.mydomain.com or user2.mydomain.com.
In apache, you should set a catch all for the ssl port and you're good to go!
<VirtualHost *:443>
ServerName admin.mydomain.com
ServerAlias *.mydomain.com
DocumentRoot /var/www/public
SSLEngine on
SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
</VirtualHost>
Wildcard SSL is relatively expensive, considering you only have 2 sub domain, it's better to use multi-san ssl which are used to secure 2 domain (or sub domain) only. The latter one is much cheaper.