[Dovecot] Different Mechanism for POP3
Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings?
Tim Smith Tel: 01423 564 078 Mob: 07984 398 299 Email: info@titan21.co.uk Web: www.titan21.co.uk
Am 17.11.2012 17:23, schrieb Tim Smith:
Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings?
why not simply allow PLAIN at all?
nearly all modern clients are using CRAM-MD5 as default if offered as also SSL/TLS if offered - let your users decide which mech they are using, really, some of them my use whatever sync-tools like imapsync or whatever which should not bother you at all
On 2012-11-17 2:55 PM, Reindl Harald h.reindl@thelounge.net wrote:
Am 17.11.2012 17:23, schrieb Tim Smith:
Just wondered if there was a way of making the PLAIN an authentication method for POP3S transactions only without making this an option for IMAP? I am attempting to connect to a POP3S server through the GMail interface available through "Accounts and Import". The issue is that there does not seem to be an option to specify the type of mechanism within their interface so I think I have to offer PLAIN along with SSL. Has anyone else had any experience of using the GMail import settings?
why not simply allow PLAIN at all?
+1... as long as you only allow encrypted sessions, there is no security danger allowing PLAIN...
--
Best regards,
Charles
participants (3)
-
Charles Marcus
-
Reindl Harald
-
Tim Smith