> > > -----Original Message----- > From: ProFox [mailto:[email protected]] On Behalf Of Ken Dibble > Sent: 29 July 2013 17:23 > To: [email protected] > Subject: [NF] Typical Email Security Protocols? > > > What is the typical connection protocol used for POP/SMTP email? > > POP3. Or SMTP. You are asking about (1) authentication: how the server decides to let you send/recieve messages and (2) encryption: whether the connection is "in the clear" or encrypted. Those are two separate questions.
Disclaimer: most of what I write below is true-ish. I simplify to make the message shorter and/or out of ignorance :) It depends on the situation: are you talking about in-house, within-the-network communications or "over the internet" connections? Typically, in-house takes place as plain text, which is dumb, because there hasn't really been a difference between "in" and "out" in a decade now. 1. Authentication: Every admin who runs a server can set the types and levels of authentication required. Different servers written by different people have different options. The simplest simply allows a user who claims to have an account to send mail. On the internet, these are often referred to as "open relays" and should be stomped out where ever found. Others require passwords, hashes, etc. See http://en.wikipedia.org/wiki/SMTP_Authentication Some POP servers are configured to require you to authenticate against the SMTP server before accessing the POP server to read mail. See also, yeah: https://en.wikipedia.org/wiki/Post_Office_Protocol 2. Encryption: TLS is a special form of SSL, a secure encryption layer that masks communications end-to-end. These are often used by Internet Service Providers and professional mail hosting facilities. And MAPI is not a protocol nor even a true API; it's a proprietary protocol between Microsoft clients and Microsoft servers, unsuitable for use over the internet or in an environment where interoperability ("playing well with others") is required. -- Ted Roche Ted Roche & Associates, LLC http://www.tedroche.com --- StripMime Report -- processed MIME parts --- multipart/alternative text/plain (text body -- kept) text/html --- _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/CACW6n4uw-C6oL9cCoHJiBMi6NGfzx3zMkSW2o==g7KSNXw=l...@mail.gmail.com ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
