[Imap-uw] Re: [Alpine-info] Server name does not match certificate

[Stefan Bertels]

On Tue, 7 Oct 2008, Joel Reicher wrote:

> Stefan Bertels writes:

>> Any more hints how I can still use non-FQDN in alpine config?

>

> Why do you want to? I have seen an a.b domain created so someone

> could steal passwords of users wanting to log into a.b.c.d by typing

> just "a.b". Not using FQDNs is always a little risky, and is the kind

> of convenience that, IMHO, should be reserved for the command line, and

> even then used with care.


My IMAP server is a local machine (intranet) with a non-public IP 
address. The FQDN does not resolve by public DNS, too. Manipulation to 
DNS might result in a security issue, but I cannot see why FQDN would 
make this secure. It might get more difficult to infiltrate DNS. 
Nevertheless I have full control over DNS server, host resolves 
correctly and alpine is only run within intranet, so should be safe 
enough.


> I can't think of a reason for a "set once and forget about" (almost)

> config to use anything other than a FQDN.


I agree for internet systems (public IP, public FQDN) and for bigger 
intranets. This is a small local network and the domain name is just 
there because some software does not run (well) without.

Anyway I will change to FQDN everywhere to remove the warning.