Using TLS - how do you know if your isp or mail host requires this?
Derek Broughton
news at pointerstop.ca
Tue Oct 24 12:27:52 UTC 2006
wade at wadesmart.com wrote:
> 10232006 1306 GMT-6
>
> Ok. That is what I wanted to know. Thank you very much.
>
>> You mean cleartext instead of encrypted, right? POP3 is a cleartext
>> protocol, much like HTTP or IMAP, and thus, credentials are sent
>> always in the clear.
Somebody broke the thread here, so I don't know what the original question
was. However, I have to disagree with you. POP3 or IMAP with TLS is more
like HTTPS than HTTP.
If your provider supports TLS, your credentials should _NOT_ be sent in the
clear.
To determine if your server handles TLS, use telnet:
# telnet servername pop3
capa
quit
if it responds with "STLS", TLS is supported.
For IMAP:
# telnet servername pop3
a CAPABILITY
a LOGOUT
if it responds with "STARTTLS", TLS is supported.
Then you need to be using a mail client that will _also_ use TLS. Most of
them will.
In short, what happens with either POP3 or IMAP is that the mail client
connects and asks for "capabilities" before logging in. If the server says
it supports TLS, the client may then send the appropriate command to start
TLS. The two machines set up a TLS encrypted connection, _then_ your
client logs in.
--
derek
More information about the ubuntu-users
mailing list