POP3 Password
Emiliano Brunetti
emiliano.brunetti at fastwebnet.it
Wed Jan 28 19:18:41 UTC 2004
On Wed, 2004-01-28 at 20:04, Glenn Remstedt wrote:
> hi list,
>
> Someone has sniffing my POP3-passwd by monitoring
> my Broadband(ISP) connection.
> Are there someone how do know to encrypt a POP3 passwd?
> Does the ISPs MailServer have to support it?
Hi Glenn,
it all depends on what is supported by your ISP.
Yes, there are many ways to encrypt a POP3 password. I think one of the
best way is DIGEST-MD5. All linux email clients that i am aware of,
support all standard encryption mechanism (login, apop, cram-md5,
digest-md5 and gssapi based mechanism) and, as far as i know, at least
evolution and kmail have a option to test whether your POP3 server is
using one of those mechanism.
Even more, you can always encrypt all the connection by way of standard
STARTTSL commands, and you can use both ssl encryption and password
encryption simultaneously.
However, most of ISP do not support starttsl and only support login
(which is pretty useless, extremely easy to crack) and apop (good
enough). You cannot force something that is not supported by your pop3
server, though.
I suggest you to check what your pop3 server support.
And if you want to know more about email system, google around with
smtp_auth and starttsl as keywords.
HTH
E.
More information about the fedora-list
mailing list