Mailing List SIMS@mail.stalker.com Message #15121
From: Stefan Jeglinski <jeglin@4pi.com>
Subject: Re: poppassd & Eudora
Date: Wed, 14 Sep 2005 21:32:07 -0400
To: SIMS Discussions <SIMS@mail.stalker.com>
I just assumed that all e-mail clients could do this since Eudora could, and SIMS can. I since found that a) the protocol was basically invented at Qualcomm, and that b) few (none?) other pop clients support it.

And c) it is so grossly insecure that support for it should be disabled in anything capable of it.

Please expand. I saw reference to a DOS attack that was patched, but otherwise, why claim that it is so grossly insecure when normal e-mail is so grossly insecure anyway? Is there something *beyond* sending passwords in clear text that makes poppassd so insecure?


Stefan Jeglinski

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster