On 2020/09/27 at 12:05pm, ed neville wrote: > Just out of interest, does anyone know /why/ organisations, in their > rampant desire to outsource to the cloud disable IMAP and SMTP > protocols whilst doing that? Is something to be feared? Surely MS > cares only that people pay the monthly rent on Office 365?
One educational organization that I work with describes POP3 and IMAP as "legacy" protocols that are not as secure as "modern" ones. "Modern" ones being things like OAUTH2. I can't speak to the actual security benefits, but I suspect that most IT people at the organization assume or expect that everyone uses Outlook, so why would they need IMAP? Of course, these same IT people still require us to change our passwords every 3 months. Guess they didn't get that memo. I've heard (don't remember where) that for a while at least, MS required password changes as part of their security requirements. It is possible that they also "highly recommend" turning off "legacy protocols". To be fair, the IT people were also nice enough to leave IMAP on for me, at least for a while. I think they are going to turn it off, no exceptions for anyone, next summer. -- Chris Spackman ch...@osugisakae.com ESL Coordinator The Graham Family of Schools ESL Instructor Columbus State Community College Japan Exchange and Teaching Program Wajima, Ishikawa 1995-1998 Linux user since 1998 Linux User #137532
