Adam Tauno Williams <awilliam@xxxxxxxxxxxxx> wrote: >> A friend of mine is asking me about security risks of using IMAP & >> POP3 protocols. Why? Because a sales person told my friend that IMAP >> protocol is less secure than POP3 protocol. This reminds me of a concern that was raised about U Wash IMAP and storage of mail in unix home directories. In that setup IMAP access is based on unix file system permissions, and IMAP will open files that are not mail files if the user has unix file permissions to open them-- including various system files. This always struck me as a bogus concern since the user could also telnet in and see the same files! The protocol itself is no less secure than POP. I don't understand why POP is still around. Joseph Brennan Columbia University Information Technology ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
