After reading this:
It seems that PLAIN is OK, if I am using STARTTLS, which I believe I
am.  I mean, I've set it up, and it _seems_ to work.
So the question I have, to the list, is... how can I verify that the
passwords are being sent over STARTTLS.


    The simplest authentication mechanism is PLAIN. The client simply
    sends the password unencrypted to Dovecot. All clients support the
    PLAIN mechanism, but obviously there's the problem that anyone
    listening on the network can steal the password. For that reason
    (and some others) other mechanisms were implemented.

    Today however many people use SSL/TLS, and there's no problem with
    sending unencrypted password inside SSL secured connections. So if
    you're using SSL, you probably don't need to bother worrying about
    anything else than the PLAIN mechanism.

On 1/28/2011 2:48 AM, Mark Sapiro wrote:
> O
> So you successfully get mail via your pop client in spite of the above.
> My guess is somehow the client first tries plain authentication without
> STARTTLS before trying STARTTLS.
> In my case with pop3 and T'bird I use
> Port 995
> Connection security: SSL/TLS
> Authentication: Normal password
> I haven't tried port 110 and STARTTLS (mostly I use IMAP anyway).

Reply via email to