Welcome Guest. Please Login or Register  
Client Area  |  Softaculous Cloud  |  Calendar  |  Quick Links  |  
   


You are here: Index > Webuzo > General Support > Topic : Disable Cleartext Login on port 587 tcp submission



Normal Mode | Print  

 Disable Cleartext Login on port 587 tcp submission (2 Replies, Read 12087 times)
peopleinside
January 2, 2016, 10:27 pm
Group: Member
Post Group: Super Member
Posts: 1394
Status:

Open source, web and security passionate 		The SMTP server advertises the following SASL methods over an unencrypted channel:

All supported methods: LOGIN, PLAIN

Cleartext methods: LOGIN, PLAIN

Recommended Solution:


 
  Configure the service to support less secure authentication mechanisms only over an encrypted channel.
 

Impact:


 
  An attacker may be able to uncover user names and passwords by
sniffing traffic to the server if a less secure authentication mechanism
(i.e.  LOGIN or PLAIN) is used.
 

How to fix this?
How to secure Dovecot or Exim to disable that insecure login plain?
Thanks


-----------------------
PeopleInside  :angel:

Web, security, open source passionate.
IP: --   


Threads
 peopleinside   Disable Cleartext Login on port 587 tcp submission (2 Replies, Read 12087 times)
    |--  valley   The Dovercot Sieve...   on January 19, 2016, 6:03 pm
    |--  peopleinside   Solution is more...   on January 19, 2016, 6:08 pm

« Previous    Next »

Normal Mode | Print  



Users viewing this topic
1 guests, 0 users.


All times are GMT. The time now is May 23, 2024, 3:29 pm.

  Powered By AEF 1.0.8 © 2007-2008 Electron Inc.Queries: 10  |  Page Created In:0.033