> What is the typical connection protocol used for POP/SMTP email?
>
>
POP3. Or SMTP. You are asking about (1) authentication: how the server
decides to let you send/recieve messages and (2) encryption: whether the
connection is "in the clear" or encrypted. Those are two separate questions.
Disclaimer: most of what I write below is true-ish. I simplify to make the
message shorter and/or out of ignorance :)
It depends on the situation: are you talking about in-house,
within-the-network communications or "over the internet" connections?
Typically, in-house takes place as plain text, which is dumb, because there
hasn't really been a difference between "in" and "out" in a decade now.
1. Authentication:
Every admin who runs a server can set the types and levels of
authentication required. Different servers written by different people have
different options. The simplest simply allows a user who claims to have an
account to send mail. On the internet, these are often referred to as "open
relays" and should be stomped out where ever found. Others require
passwords, hashes, etc. See http://en.wikipedia.org/wiki/SMTP_Authentication
Some POP servers are configured to require you to authenticate against the
SMTP server before accessing the POP server to read mail. See also, yeah:
https://en.wikipedia.org/wiki/Post_Office_Protocol
2. Encryption:
TLS is a special form of SSL, a secure encryption layer that masks
communications end-to-end. These are often used by Internet Service
Providers and professional mail hosting facilities.
And MAPI is not a protocol nor even a true API; it's a proprietary protocol
between Microsoft clients and Microsoft servers, unsuitable for use over
the internet or in an environment where interoperability ("playing well
with others") is required.
Thanks Ted.
I am getting that POP/SMTP is not often used in any case, with or without
SSL/TLS. Still, it's not entirely dead.
All of the email services we use require authentication. Two of them
require sending a complete valid email address, and password, served by the
server; one just requires a login name and password (that's my internal
email server on the LAN, which is restricted to only communicate
internally). None of them require SSL and at least two of them won't permit it.
The issue is that the newest update for our network-managed antivirus
software appears to expect and require that all POP/SMTP connections use
SSL. However, the implementation of this highly questionable requirement is
also buggy. Therefore it disrupts email communications for clients that are
NOT using SSL, and it does so on a random, unpredictable basis.
So far I've seen only two reports of this problem on the antivirus
company's public forum, and one of them was mine. So I was trying to
understand how it could be that more people haven't seen and complained
about it.
Thanks again.
Ken Dibble
www.stic-cil.org
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/[email protected]
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
