On Wednesday, June 25, 2008, 14:52:08, Matt wrote: > You can't require it with your version. You need to upgrade and then > hack the registry if you want to do this: > http://support.ipswitch.com/kb/IM-20071231-JH01.htm > > The real issue however is when an E-mail client sends in plain-text. > Just because you accept plain-text authentication doesn't mean that > anyone is using it. If they use it, it isn't your server leaking this > data, it is the E-mail client.
True but from the POV of the compliance auditor the account credentials were leaked because the server told the client that plain text was OK to use. > These compliance companies sometimes assume things like that everyone is > using Exchange and not a standards-compliant E-mail server. I don't think they really care if its Exchange or not, they simply want him to "Disable the plaintext authentication methods on your SMTP server ..." Your link above corrects the issue. Then its simply a matter of telling all your users that if they want your server to relay their mail to external servers they must use an e-mail client that can do secure authentication. -- [EMAIL PROTECTED] "The avalanche has already started, it is too Rod Dorman late for the pebbles to vote." - Ambassador Kosh To Unsubscribe: http://imailserver.com/support/discussion_list/ List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://imailserver.com/support/kb.html
