Re: IMAP Secure ???

From: Security (security@zerouptime.ch)
Date: 05/11/02


Date: Sat, 11 May 2002 11:00:18 +0200
From: Security <security@zerouptime.ch>
To: "Babb, Robert" <babbr@union.edu>


> Does anyone out there know if IMAP use plain text passwords or encrypted
> passwords (or both).

Well, I am using Cyrus compiled with SASL, which allows CRAM-MD5 or
DIGEST-MD5 hashes, besides plaintext. Many good IMAP clients have
support for one or the other authentification method; I found Becky2 for
Win32 and Ximian Evolution for UNIX to suit most of my needs.

Of course, for the command line freaks, I must also mention 'mutt',
which can be compiled with Cyrus-SASL, too.

- Jonas

-- 
Security <security@zerouptime.ch>



Relevant Pages

  • Re: IMAP Secure ???
    ... > Does anyone out there know if IMAP use plain text passwords or encrypted ... IMAP sends plain text passwords. ... SSL wrapped using stunnel. ...
    (Security-Basics)
  • Re: IMAP Secure ???
    ... Babb, Robert wrote: ... > Does anyone out there know if IMAP use plain text passwords or encrypted ... Plain text, look into imaps which is more secure in that regard. ...
    (Security-Basics)
  • Re: iptables / reject vs drop
    ... Some users prefer the simplicity of POP3, ... > functionality of IMAP. ... And *both* transmit the users' passwords in plain text. ...
    (comp.os.linux.security)
  • Re: questions on setting up a mail server
    ... standard method built in to the protocol) require Cyrus SASL. ... use your existing user passwords. ... passwords held in plain text - the sasldb. ... PLAIN is the preferred protocol according to the docs and RFCs - LOGIN is ...
    (freebsd-questions)
  • Re: [SLE] imap problems
    ... > I just converted my redhat server over to suse, but I am having a slight ... this is because imap is not admiting plain text passwords. ... Suse version have you installed?. ...
    (SuSE)