--On 17 November 2002 09:47 +0000 Julian Bond <[EMAIL PROTECTED]>
wrote:
From the Boingo docs on configuring Outlook Express. Set:-
- My server requires Authentication
- Ensure Logon Using Secure Password Authentication is NOT checked
- Ensure the option right below (This server requires a secure connection
(SSL)) is NOT checked
So it's SMPT AUTH in plaintext.
Ahh, a bit of googling on my part reveals these...:
http://www.washington.edu/imap/listarch/current/msg00157.html
http://www.security.nnov.ru/advisories/oespa.asp
So looks like you're right there. Cyrus has an NTLM module but it's
unsupported (and obviously would be subject to the MitM attack in the
nnov.ru advisory).
Without starting a huge debate about it, I was surprised to find that
Mailman for this list is not configured to do this automatically.
It's fairly common amongst BSD-ish mailing lists.
--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
