On Thu, Feb 12, 2009 at 5:49 PM, Jason Voorhees <jvoorhees1@xxxxxxxxx> wrote: > Hi people: > > A friend of mine is asking me about security risks of using IMAP & > POP3 protocols. Why? Because a sales person told my friend that IMAP > protocol is less secure than POP3 protocol. This assumption is not > related to Cyrus IMAP, instead is related only to the protocols. > I'm searching at Google something about POP3 & IMAP security but I'm > not pretty sure about comments I can found in forums or other sites. > > Does anybody here know anything about security risk of these > protocols? Is it true that one of them is less secure than the other > one? > > Thanks, bye > Thanks everyone for your replies, they were good answers with different points of view. Actually, I made a mistake writing my post: My friend told me that the sales person believes that POP3 has security problems and is vulnerable so recommends IMAP as a replacement of use at final users. Anyway, it doesn't matter what the sales person really said because I can see now that the argument of using one protocol instead the other one depends much of the context. The POP3/IMAP server (now running Zimbra) is running at my friend's office with all his users using POP3. I will migrate its mailserver to Cyrus + MTA+other components...and they plan to use IMAP now. I will explain him every point of view that you shared with me. Thanks again :) ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
