A few days ago Slashdot covered a new SSL vulnerability. While I’m not going to go into too much depth, the new vulnerability open new doors for man-in-the-middle attacks. Since this vulnerability affects both web (HTTPS) as well as email (IMAPS/POP3S) it affects email providers too.
Today Rob Mueller over at FastMail posted on their blog that they’ve resolved this issue on their IMAP/POP3 proxy. Kudos to Rob and FastMail for taking security seriously. I just wish more email providers were this serious when it comes to security.