[mdlug] Here's my idea and rough sketch plan, is it feasible?

Joseph C. Bender jcbender at bendorius.com
Wed Oct 3 16:27:24 EDT 2007 

Robert Adkins wrote:
> 
> 	Yes, it would be trivial to fake a referrer.
> 
> 	Maybe I am incorrect in thinking this, I was under the impression
> that the referrer could also include the full page of where the link came
> from. If that's correct, then whoever would be faking the HTTP referrer
> would first need to know that the server is only allowing referrals from
> somewhere and then also need to know the full string of the referring page.
> (Which I could change periodically.)
> 
	No, it's a one liner in the HTTP request.

	Point was, it's not *that* much more secure.  You'd be better off 
spending the time hardening the server that webmail runs on and keeping 
up to date on patches for the webmail app.

> 	Spending Zero dollars is more of what is expected than anything
> else.
> 
	Hey, you asked.  I answered.  I do sympathize with your budget constraints.
	
> 	Last year, I wanted to replace a server roughly 3 to 4 months before
> the time I figured we would be on borrowed time with it. My request was
> refused, the server died (The HD crashed roughly around the time I predicted
> it would fail), practically all business activities ground to a halt and
> still there was nitpicking costs on the replacement server.
> 
	What a terrible environment to have to support.

> 	This isn't about running out and finding a perfect solution. This is
> about necesity causing the "invention" of a cheap solution that is mostly
> going to work.
> 
	Never said perfect.  But correct solutions, whatever the form, are 
better.  And if "mostly going to work" is acceptable, given the relative 
insanity of the overall environment, I can't blame you.

>> 	If this is a corporate mandate, there needs to be a 
>> corporate standard. 
>>   Anything that's outside of the standard doesn't get supported. 
>> Otherwise you'll run into phones that don't display the 
>> webmail correctly, and it becomes much much more of a support 
>> nightmare than you ever suspected.
>>
> 
> 	I am very aware of this.
> 
	Ok.

[SNIP]
> 	I anticipate that this standard will continue for the forseeable
> future. 
> 
	Fun for you.

>> 	Honestly, if they're going to do this, the Blackberry 
>> Internet service and their push email system works 
>> wonderfully.  Compatible with IMAP and POP3, including 
>> syncronization with IMAP folders.  Managers love Blackberries.  *grin*
>>
> 
> 	Blackberry phones might be nice.
> 
	They also have that "Shiny!" factor that always works well with managers.

> 	Are they compatible with "any" email server?
> 
	Well, if the server supports IMAP and/or POP3, yes.



-- 
Joseph Bender
Bendorius Consulting
P: 248-434-5580
F: 248-434-5581
jcbender at bendorius com

More information about the mdlug mailing list