Try looking up about APOP authentication. Not all POP servers support it
though, and I don't know what mail client support for APOP is like, but I
think fetchmail is quite happy with it. APOP takes your username and
password, and creates and md5 hash of the password and a timestamp returned
by the pop server, and sends the hash over the wire. The password is never
sent plain.
Chris...
>
> All my users use fetchmail to get mail from my ISP's POP server.
> For lack of resources, I cannot put a pop server on my box.
>
> What is the best way to protect my users passwords from being sniffed?
> Can a user use an encrypted tunnel to send the userid and password to
> the pop server?
>
> Any pointers and experiences appreciated.
>
> Thank you in advance.
>
> Subba Rao
> [EMAIL PROTECTED]
> http://pws.prserv.net/truemax/
>
> => Time is relative. Here is a new way to look at time. <=
> http://www.smcinnovations.com
>
> ************
> [EMAIL PROTECTED] http://www.linuxchix.org
>
--
@}-,'-------------------------------------------------- Chris Johnson --'-{@
/ "(it is) crucial that we learn the difference / [EMAIL PROTECTED] \
/ between Sex and Gender. Therein lies the key / \
/ to our freedom" -- LB / www.nccnet.co.uk/~sixie \
************
[EMAIL PROTECTED] http://www.linuxchix.org
