[Semibug] Security question

Josh Grosse josh at jggimi.net
Sun Apr 7 16:00:02 EDT 2019


On Sun, Apr 07, 2019 at 03:05:19PM -0400, Mark Moellering wrote:
> Trying to figure out the best place to pose this question and I thought
> this group would be a good place to start.
> 
> If I am running my own web-server and i want to be able to log in and get
> email from my phone, what special security should I set up, if any?
> 
> I can't figure out if I should require a certificate or if that is even a
> good idea on a phone, or if I should try and restrict the firewall to
> making sure port 587 is only available to my carrier's network or assume
> the current login is secure enough.

For web mail, I use roundcubemail with client certificates as 2-factor
authentication in combination with user/PW.

On my phone however, I don't use a browser.  I use K-9 mail with Dovecot.
IMAP over TLS.



More information about the Semibug mailing list