[techtalk] POP mail security
Chris J/#6
sixie at nccnet.co.uk
Fri Jan 7 01:10:19 EST 2000
Try looking up about APOP authentication. Not all POP servers support it
though, and I don't know what mail client support for APOP is like, but I
think fetchmail is quite happy with it. APOP takes your username and
password, and creates and md5 hash of the password and a timestamp returned
by the pop server, and sends the hash over the wire. The password is never
sent plain.
Chris...
>
> All my users use fetchmail to get mail from my ISP's POP server.
> For lack of resources, I cannot put a pop server on my box.
>
> What is the best way to protect my users passwords from being sniffed?
> Can a user use an encrypted tunnel to send the userid and password to
> the pop server?
>
> Any pointers and experiences appreciated.
>
> Thank you in advance.
>
> Subba Rao
> subb3 at attglobal.net
> http://pws.prserv.net/truemax/
>
> => Time is relative. Here is a new way to look at time. <=
> http://www.smcinnovations.com
>
> ************
> techtalk at linuxchix.org http://www.linuxchix.org
>
--
@}-,'-------------------------------------------------- Chris Johnson --'-{@
/ "(it is) crucial that we learn the difference / sixie at nccnet.co.uk \
/ between Sex and Gender. Therein lies the key / \
/ to our freedom" -- LB / www.nccnet.co.uk/~sixie \
************
techtalk at linuxchix.org http://www.linuxchix.org
More information about the Techtalk
mailing list