ok last question security n' dovecot
Kenneth Porter
shiva at sewingwitch.com
Wed Jul 21 00:25:26 UTC 2004
--On Monday, July 19, 2004 9:29 PM -0400 "Jonathan T. Steadman"
<fedoracore at stny.rr.com> wrote:
> I set up dovecot and all is well, but before I decide that maybe I will
> set something up outside of my network, are all passwords secure?
Default POP3 uses plaintext passwords. The Dovecot author was working on
adding the APOP command which implements a challenge-response encryption
exchange so that the password is never passed in cleartext.
Another solution is to use TLS or SSL to encapsulate the connection. You
can then use plaintext passwords within the SSL tunnel.
More information about the users
mailing list