Back to Community Threads
1
CRAM-MD5 Support on POP/IMAP/SMTP
Idea shared by Scarab - 10/24/2014 at 12:07 PM
Proposed
It would appear that Smartermail does not provide support for CRAM-MD5 on POP/IMAP/SMTP and only supports Plain-Text Authentication Method.
 
Although it is true that CRAM-MD5 is far less secure than connections encrypted with TLS, it should be an option available for those without SSL as it is still a better option than Plain-Text without SSL/TLS.
 
Primarily, the main reason I make this suggestion is that all Apple products (both MacOS and iOS devices) default to CRAM-MD5 ("MD5 Challenge-Response"on all connections (including previously configured accounts) every time there is an update, which generates a huge number of support calls for Smartermail every time a new iOS or MacOS update is released.

2 Replies

Reply to Thread
0
What version of SmarterMail are you using. I'm on the latest and it supports CRAM-MD5 just fine. Here's what my server replys after an ehlo:

250-SIZE
250-AUTH LOGIN CRAM-MD5
250-STARTTLS
250-8BITMIME
250 OK

Telnet to your server on port 25 and just issue an ehlo and see what your server responds with.

-Joe
Thanks, -Joe
0
Confirming Joe's findings:

220 securemail.chicagonettech.com Sat, 25 Oct 2014 03:11:12 +0000 UTC | Smarter Mail Enterprise 12.5.5409.18348
EHLO
250-securemail.chicagonettech.com Hello [XXX.XXX.XXX.XXX]
250-SIZE 52428800
250-AUTH CRAM-MD5
250-STARTTLS
250-8BITMIME
250 OK

with the exception that we've completely disabled the plain text login capabilities
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
Back to Community Threads

Reply to Thread

Enter the verification text

Related Knowledge Base Articles

Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
SmarterMail for Linux – SSL/TLS & Certificate ReferenceSmarterMail > Server Configuration and Management
Commonly used ports for SmarterMailSmarterMail > Troubleshooting
Automatic SSL Certificates on a New SmarterMail ServerSmarterMail > Server Configuration and Management
Migrate an Account From Another Service into SmarterMailSmarterMail > Domain/User Configuration and Management