1. Forum
  2. FidoNet
  3. WINDOWS

  • pop3/110 non-SSL?

    From August Abolins@2:221/1.58 to All on Monday, February 06, 2023 09:39:00
    I've been reading a bit about the 995/SSL/pop3 issue. it seems
    that not using SSL is more of a problem when using public-wifi.

    My connections to the ISP are direct, either mobile or DSL.

    I'm not sure that pop3/110 sends a password in the clear.

    smtp/465/SSL is the login mechanism, no?

    --
    ../|ug

    --- OpenXP 5.0.57
    * Origin: (2:221/1.58)
  • From Stephen Walsh@3:633/280 to August Abolins on Tuesday, February 07, 2023 10:19:30

    Hello August!

    06 Feb 23 09:39, you wrote to all:

    My connections to the ISP are direct, either mobile or DSL.

    I'm not sure that pop3/110 sends a password in the clear.

    Yes they are in the clear.


    smtp/465/SSL is the login mechanism, no?

    There is also another tab you can check and that's the "Outgoing Server" tab, the option there to turn on is "My server requires Authorization".
    Then use "same as incoming".






    Stephen


    --- GoldED+/LNX 1.1.5-b20220409
    * Origin: Dragon's Lair BBS, Telnet: dragon.vk3heg.net (3:633/280)
  • From August Abolins@2:221/1.58 to Stephen Walsh on Monday, February 06, 2023 19:36:00
    Hello Stephen!

    I'm not sure that pop3/110 sends a password in the clear.

    Yes they are in the clear.

    Definitely, I should definately avoid Outlook then. But I also
    use Mailwasher to preview server mail status; MW doesn't seem
    to have any secure port settings at all. :(

    I don't really travel with my XP laptop anymore; it just sits
    at home. I understand that most of these in-the-clear pw
    sessions are primarily a concern over public wifi.


    smtp/465/SSL is the login mechanism, no?

    There is also another tab you can check and that's the
    "Outgoing Server" tab, the option there to turn on is "My
    server requires Authorization". Then use "same as
    incoming".

    I have about 4 email accounts that I use with the server. A
    couple of them are configured to use the "requires
    Authorization". But SSL/995/pop3 stil doesn't cooperate.

    --
    ../|ug

    --- OpenXP 5.0.57
    * Origin: (2:221/1.58)
  • From Real User@anthk@disroot.org to All on Sunday, March 05, 2023 09:41:59
    On 2023-02-07, August Abolins <august.abolins@2> wrote:

    Hello Stephen!

    I'm not sure that pop3/110 sends a password in the clear.

    Yes they are in the clear.

    Definitely, I should definately avoid Outlook then. But I also
    use Mailwasher to preview server mail status; MW doesn't seem
    to have any secure port settings at all. :(

    I don't really travel with my XP laptop anymore; it just sits
    at home. I understand that most of these in-the-clear pw
    sessions are primarily a concern over public wifi.


    smtp/465/SSL is the login mechanism, no?

    There is also another tab you can check and that's the
    "Outgoing Server" tab, the option there to turn on is "My
    server requires Authorization". Then use "same as
    incoming".

    I have about 4 email accounts that I use with the server. A
    couple of them are configured to use the "requires
    Authorization". But SSL/995/pop3 stil doesn't cooperate.

    --
    ../|ug

    --- OpenXP 5.0.57
    * Origin: (2:221/1.58)

    Try Retrozilla, I think it came with a mail client.
    You can enable up to TLS v1.3 with a setting in about:flags
    from a web I found somewhere:

    "To anyone who may read this post, Retrozilla does support AES-GCM
    cipher suites, but you need to enable them through about:config. search
    "security.ssl3" then create a new Boolean
    "security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256" and
    "security.ssl3.ecdhe_rsa_aes_128_gcm_sha256". Retrozilla works very
    well, and I'm excited for the next version (especially a 3.0 release)."

    Get retrozilla:

    http://piteusz.ovh/files/windows/9x-nt/