On Thu, 25 Mar 2004, Josh Trutwin wrote: > As near as I can tell/guess with ethereal, IMAP over SSL is the exact > same protocol as IMAP just on an SSL enabled port (993 typically) while > STARTTLS is SSL encrypted, but on the IMAP port (143). But with > STARTTLS is it a different protocol? Is the SMTP connection encrypted > too? TLS enables SSL negotiation over a clear-text channel. Once the TLS is initialized, it's just like a normal IMAP session. Neither one of these encrypts SMTP, but you can do SMTP over SSL or STARTTLS with SMTP, too. Note that most imap/smtp daemons will allow you to require TLS or SSL before allowing authentication - I always highly recommend doing that, so you don't get user/pass in the clear. You can also use MD5 authentication, but it's much more complicated to set up. -- Nate Carlson <natecars at real-time.com> | Phone : (952)943-8700 http://www.real-time.com | Fax : (952)943-8500 _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list