1 |
quoth the Michael Sullivan: |
2 |
> I upgraded dovecot the other day to 1.0.beta3 and I was altering the |
3 |
> configuration file trying to get it to work when I discovered something |
4 |
> disturbing: our passwords were being trasmitted unencrypted across the |
5 |
> Internet! |
6 |
|
7 |
Well, strait from the RFC we learn that POP3 protocol is plain text. |
8 |
|
9 |
Before settling on digest-md5 (or any other method) for authentication you may |
10 |
want to check that the clients you will be using support it. This |
11 |
documentation will get you up to speed on your options: |
12 |
http://wiki.dovecot.org/Authentication |
13 |
|
14 |
-d |
15 |
-- |
16 |
darren kirby :: Part of the problem since 1976 :: http://badcomputer.org |
17 |
"...the number of UNIX installations has grown to 10, with more expected..." |
18 |
- Dennis Ritchie and Ken Thompson, June 1972 |