You can use stunnel and keep using plain test passwords. In which case you need to have an ssl certificate. Either you have to buy it or you take the risk of having a man in the middle attack.
You can use also TLS which will require a certificate as well. Andreas Aardal Hanssen wrote: >Does anyone on this list have a safe way of providing kerberos >authentication? > >I've thought of a couple of things: > >- storing passwords plain > >Obviously not a solution one would strive for, but there may be safe ways >to do this - retreiving password through an encrypted channel, forced >commands, etc etc > >- symmetric encryption, using private key owned by imap server / > user > >Well, the obvious problem here is that the key can get compromized. > >Andy > > >
smime.p7s
Description: S/MIME Cryptographic Signature
