Require clients to connect with SSL
I disabled this option because of compatibility issues:
Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server.
How bad is set this option to off? What security concerns should I have regarding this? I've read the documentation, but I'm not sure about the protection I'll have by activating this.
How bad is set this option to off? What security concerns should I have regarding this? I've read the documentation, but I'm not sure about the protection I'll have by activating this.
-
Hello, Per the description, disabling this option will significantly decrease the security of the server by allowing the plaintext transmission of authentication credentials. Essentially, it could allow a hacker to see the actual passwords used to access an account from a compromised system. Thank you. 0 -
I understand now! As always, thank you Michael! :D 0
Please sign in to leave a comment.
Comments
2 comments