On 15-May-2001 NGUYEN Ngoc Can wrote:
> Davide,
>
> Can i use Ldap for POP3 authentification ??? I do not see in the
> documentation
You can create a program that uses LDAP for authentication with XMail ( see
www.openldap.org ).
>
> I do not try again, but is POP3 and SMTP authentification are protected
> by Sniffer ??? (for example NGREP = Network Grep like grep Linux
> command)
Standard POP3 authentication can be sniffed and Your login could be cloned.
APOP can be sniffed but not cloned.
PLAIN and LOGIN SMTP auths are not secure from a sniffer point of view,
CRAM-MD5 yes.
Anyway, if someone can run a sniffer inside Your network he could do a lot of
bad things.
If caould prevent this by using intelligent switches that route ethernet
traffic only to destination interfaces.
- Davide
