> If someone has access to your email client you're hooped anyway.
I once made the mistake of emailing a friend of mine the password to an ssh account — roughly 6 months later someone logged in with that password and added a spammy link to one of my HTML pages — my friends machine wasn’t hacked, but likely the (university) server storing his email had.
Also, our online shop email the buyers from a generated non-guessable address (to track replies/bounces). Occasionally these receive spam.
So I don’t trust that what I write in an email is only seen by the person it is sent to, unless the content is encrypted.
And just for the records, I disabled password login and installed fail2ban long ago to avoid new server break-ins :)
I once made the mistake of emailing a friend of mine the password to an ssh account — roughly 6 months later someone logged in with that password and added a spammy link to one of my HTML pages — my friends machine wasn’t hacked, but likely the (university) server storing his email had.
Also, our online shop email the buyers from a generated non-guessable address (to track replies/bounces). Occasionally these receive spam.
So I don’t trust that what I write in an email is only seen by the person it is sent to, unless the content is encrypted.
And just for the records, I disabled password login and installed fail2ban long ago to avoid new server break-ins :)