| 1 |
quoth the Michael Sullivan: |
| 2 |
> I upgraded dovecot the other day to 1.0.beta3 and I was altering the |
| 3 |
> configuration file trying to get it to work when I discovered something |
| 4 |
> disturbing: our passwords were being trasmitted unencrypted across the |
| 5 |
> Internet! |
| 6 |
|
| 7 |
Well, strait from the RFC we learn that POP3 protocol is plain text. |
| 8 |
|
| 9 |
Before settling on digest-md5 (or any other method) for authentication you may |
| 10 |
want to check that the clients you will be using support it. This |
| 11 |
documentation will get you up to speed on your options: |
| 12 |
http://wiki.dovecot.org/Authentication |
| 13 |
|
| 14 |
-d |
| 15 |
-- |
| 16 |
darren kirby :: Part of the problem since 1976 :: http://badcomputer.org |
| 17 |
"...the number of UNIX installations has grown to 10, with more expected..." |
| 18 |
- Dennis Ritchie and Ken Thompson, June 1972 |
Archives