-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, November 14 at 02:18 PM, quoth Steffen Kaiser: >On Wed, 14 Nov 2007, Ed W wrote: > >> Is TLS always performed BEFORE auth with generally available POP/IMAP >> clients? > >The IMAP spec does not contain an identification of the client application >to the server. There is no "HELO" as in SMTP.
And HELO in SMTP is entirely unreliable, unverifiable, and on many servers completely skippable. ~Kyle - -- It ain't the parts of the Bible that I can't understand that bother me, it is the parts that I do understand. -- Mark Twain -----BEGIN PGP SIGNATURE----- Comment: Thank you for using encryption! iD8DBQFHOz7CBkIOoMqOI14RAnbPAJ9rhYTjqdcd+4Mnmqtzb0Ydu5PmfQCdEdpM YNO3SxOPFKKVx1xknTbGuzc= =eDdV -----END PGP SIGNATURE-----