[ale] OT: SMTP/POP3 Password Encryption

Transam bob at verysecurelinux.com
Wed May 21 23:13:09 EDT 2003


On Tue, May 20, 2003 at 08:16:53PM +0000, hbbs at attbi.com wrote:
> Evolution has a "Check for supported [authentication] types" button for both
> transmit and receive.  The one for SMTP is reporting only "NT Login" and the
> one for POP3 is reporting only "Password".

> If I interpret this correctly, SMTP is at least being hashed somehow but
> POP3 is not.  Would you agree?

Neither SMTP nor POP3 (nor IMAP for that matter) are encrypted.  Both
the password (POP3 & IMAP) and all text is sent in the clear.  May I
introduce you to the world of encrypting your email before transmission?

See

     www.gnupg.org

(For downloading, use SSL-wrapped POP3 or IMAP if available.)

> - Jeff

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list