> This is encouraging news to me. As you know, in terms of POP3 clients, such as > Outlook, the Imail POP3 service cannot be configured to use SSL. Thus, even if > Kerberos is keeping NT/AD usernames and passwords from flying around your > network in clear-text, the second someone checks their email with a standard > POP3 client the information is sent to Imail POP3 in the clear. So much for > security...just set a Sniffer to scan all POP3 traffic that contains "user" and "pass".
I am not sure that is accurate. When testing the recent discussion about long addresses, when viewing the logs, the user name and password were encrypted to some extent by Outlook. Now, I did not do a NetMon session on the receiving server to check what was actually received, but the POP3 log by Outlook showed it encrypted. John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
