Welcome, Guest
Please Login or Register.
Lost Password?
Virtualmin Forum English Webmin
Is Dovevot authentication method using Plain-text secure? (1 viewing)
Post Reply

TOPIC: Is Dovevot authentication method using Plain-text secure?
#4440
ah...lifes...good (User)
Posts: 260
graphgraph
Is Dovevot authentication method using Plain-text secure? 2007/04/06 06:42  
I noticed that Dovecot is set by default to authenticate using Plain-text. Is this really OK from a security standpoint?

When I try to include other authentication methods, e.g. Digest-MD5, Cram-MD5, APOP, Dovecot server stopped working.

What's the deal? Can we up the security barrier up a little on this?

Thanks.
  The administrator has disabled public write access.
#4493
sgrayban (User)
Posts: 590
graphgraph
Re: Is Dovevot authentication method using Plain-text secure? 2007/04/09 03:37  
Use pop3s instead of pop3 in the config. Where the 's' means ssl.

# Protocols we want to be serving:
# imap imaps pop3 pop3s
protocols = imaps pop3s
Scott Grayban
BORGNET dot US Internet Hosting
VM Pro Reseller
  The administrator has disabled public write access.
#4501
ah...lifes...good (User)
Posts: 260
graphgraph
Re: Is Dovevot authentication method using Plain-text secure? 2007/04/09 10:41  
Brilliant. Now why didn't I think of that! Thanks, Scott.
  The administrator has disabled public write access.
Post Reply
get the latest posts directly to your desktop

Learn

About
Documentation
FAQ
Compare

Talk and Get Help

Support
Forums
Bugs and Issues

See It In Action

Screenshots
Video Introduction
Demo

Get Virtualmin

OS Support
Buy Online
Download
 Copyright 2005-2007 Virtualmin, Inc. All rights reserved.