Eric Lobenstine wrote:
>
> hello -
>
> I have been thinking about the advantages of APOP authentication for my
> email users, but not all of them have clients capable of APOP. If you
> compile qpopper with APOP enabled, does that mean that EVERYONE has to use
> APOP? Or can some users authenticate with APOP, and others use regular,
> unencrypted passwords?
>
> cheers!
>
> Eric Lobenstine
>
> Eric Lobenstine, Ph.D. [EMAIL PROTECTED]
> Manager of Computers and Network (716)275-0340
> Chemistry Department (716)473-6889 (FAX)
> University of Rochester
> Rochester, NY 14627-0216
Check the INSTALL file. The capability is there on the command line. -p2
I believe will allow both. The problem is, what do you win if you allow
both? It only takes one sniffed passwd to compromise your network. I'm
setting things up to allow both types of authentication on site (we're
switched and basically trust our users)and only apop from off site. (or
ssh etc... but apop is easier for the users)
On a side note, does anybody know if Netscape has plans to support apop
in their mail tool? How about Eudora for linux/unix?
-Joel
