Skip to main content
This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

HCL Notes/Domino 8.5 Forum (includes Notes Traveler)

HCL Notes/Domino 8.5 Forum (includes Notes Traveler)
Previous Next
Subject: Disable unencrypted SMTP authentication?
Feedback Type: Problem
Product Area: Domino Server
Technical Area: Administration
Platform: ALL
Release: 8.5.2
Reproducible: Always

In a recent audit, we were advised on the following:

"The Simple Mail Transfer Protocol (SMTP) service accepts unencrypted authentication using the “login” command for the AUTH service. If the SMTP service is configured to allow users to send email from external sources, authentication credentials are transmitted in plaintext.

"A malicious individual could use network monitoring tools to obtain any credentials submitted to the services.

"We recommend you reconfigure the SMTP service to disable unencrypted authentication."

Is this possible? If so, how is it done? I've searched the web quite a bit, but don't find an answer.


Feedback number WEBB8R26DN created by ~Manny Asahipiterettu on 01/31/2012

Status: Open
Comments:





Printer-friendly

Search this forum

Member Tools


RSS Feeds

 RSS feedsRSS
All forum posts RSS
All main topics RSS