Robert Wolf wrote:
>> else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you have enabled something like cram-md5.
> Hi,
> exactly, this is the reason why plain-text is still needed. You don't need encryption for authentication if you have secure authentication. Without knowing the original password, the MITM cannot generate the correct hash for login, so the connection can be plain-text.
You don't need plaintext to use CRAM-MD5: there's no problem having *both* CRAM-MD5 and SSL (it's overkill, but works). And mail data is worth protecting too.
> Of course, if you then download your emails, the MITM can still read these emails too, if these emails are plain-text (not encrypted using e.g. S/MIME or GPG). But he cannot misuse your login.
No argument here about using end-to-end encryption, but protecting mail data and metadata is important too. Don't forget also, it's not just about the privacy (reading) of mail data, but it's also important to guarantee the authenticity of mail data from tampering.
By the way, if we assume a hostile network where MITM is possible, then even closing STARTTLS ports will not guarantee confidential transport: the MITM attacker can merely open up a fake plaintext-only service port, then proxy that to the target server. The client must deny non-secured transport to be fully protected.
Joseph Tam jtam.home@gmail.com
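As an added illustration of the two points argued above (CRAM-MD5 keeps the password off the wire, but only the client can refuse an unsecured transport), not code from either poster: the CRAM-MD5 reply computation from RFC 2195 with the RFC's own test vector, plus a small client-side capability check. The IMAP CAPABILITY lines are constructed samples, not output from a real server.

```python
import base64
import hashlib
import hmac

def cram_md5_response(username: str, password: str, challenge_b64: str) -> str:
    """Client reply for CRAM-MD5 (RFC 2195): base64("user " + hex(HMAC-MD5(password, challenge))).

    Only the digest crosses the wire: an observer who records the exchange learns
    the challenge and the digest, not the password, and the server issues a fresh
    challenge on the next login, so a captured reply cannot be reused.
    """
    challenge = base64.b64decode(challenge_b64)
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{username} {digest}".encode()).decode()

def parse_capabilities(cap_line: str) -> set[str]:
    """Split an untagged IMAP '* CAPABILITY ...' response into upper-cased tokens."""
    parts = cap_line.strip().split()
    if len(parts) < 2 or parts[0] != "*" or parts[1].upper() != "CAPABILITY":
        raise ValueError("not a CAPABILITY response")
    return {p.upper() for p in parts[2:]}

def choose_next_step(caps: set[str], tls_active: bool) -> str:
    """Client-side policy from the thread: never log in over an unsecured transport.

    A plaintext-only port proxied to the real server would simply omit STARTTLS
    from its capability list, so the decision must be the client's: without TLS,
    refuse even when CRAM-MD5 is offered, because the mail data and its
    integrity would still be exposed.
    """
    if tls_active:
        return "LOGIN" if "LOGINDISABLED" not in caps else "AUTHENTICATE"
    if "STARTTLS" in caps:
        return "STARTTLS"
    return "REFUSE"

# Constructed sample lines (not from a real server): the first is what a server
# configured as discussed in the thread advertises before TLS; the second is
# what a downgrading proxy that hides STARTTLS would present.
HARDENED = "* CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED AUTH=CRAM-MD5"
DOWNGRADED = "* CAPABILITY IMAP4rev1 AUTH=PLAIN AUTH=CRAM-MD5"

if __name__ == "__main__":
    # RFC 2195 test vector: user "tim", password "tanstaaftanstaaf".
    print(cram_md5_response("tim", "tanstaaftanstaaf",
                            "PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+"))
    for line in (HARDENED, DOWNGRADED):
        print(line, "->", choose_next_step(parse_capabilities(line), tls_active=False))
```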