On Fri, Dec 31, 1999 at 02:07:51AM +0000, hypnos wrote:
> is the imap protocol a secure protocol?
Sort of.
>by this i
> mean does it encrypt the traffic and not pass it
> over the network in clear-text, like pop3?
nope. It does not encrypt the session traffic. But if you're
really that scared about people reading your email, you're already
having people pgp encrypt all mail that goes to you, right, so you
don't actually care if someone can sniff the mail as it's going by?
If not, there's plenty of oppurtunity to read it as it goes across
the net by our friend SMTP.
now if you just care about the password, the answer is: maybe.
imap as a protocol doesn't care how the user authenicates itself,
there are provisions for kerebos authentication, to md5 hashes, to
plaintext login. It all depends on what the server and client support.
furthur reading:
RFC 2095 + 1734:
http://www.cis.ohio-state.edu/htbin/rfc/rfc2095.html or rfc1734.html
same place.
you could also use ssh+pop3. there's a howto on that.
http://metalab.unc.edu/pub/Linux/docs/HOWTO/mini/Secure-POP+SSH
have fun
greg
--
this is not here
