[Dovecot] SSL/TLS with Outlook client

Kyle Wheeler kyle-dovecot at memoryhole.net
Wed Nov 14 20:30:26 EET 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday, November 14 at 02:18 PM, quoth Steffen Kaiser:
>On Wed, 14 Nov 2007, Ed W wrote:
>
>> Is TLS always performed BEFORE auth with generally available POP/IMAP 
>> clients?
>
>The IMAP spec does not contain an identification of the client application 
>to the server. There is no "HELO" as in SMTP.

And HELO in SMTP is entirely unreliable, unverifiable, and on many 
servers completely skippable.

~Kyle
- -- 
It ain't the parts of the Bible that I can't understand that bother 
me, it is the parts that I do understand.
                                                          -- Mark Twain
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!

iD8DBQFHOz7CBkIOoMqOI14RAnbPAJ9rhYTjqdcd+4Mnmqtzb0Ydu5PmfQCdEdpM
YNO3SxOPFKKVx1xknTbGuzc=
=eDdV
-----END PGP SIGNATURE-----


More information about the dovecot mailing list