The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Encrypted SMTP password authentication

Discussion in 'E-mail Discussions' started by กำนัน, Jan 30, 2013.

  1. กำนัน

    Joined:
    Jan 12, 2012
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I no longer want to use plaintext passwords for email authentication (even though I force IMAPS). However, my client is giving me a message that the server does not support encrypted email passwords. I've been unable to find out how to do this with WHM. Please advice if possible?
     
  2. ruzbehraja

    ruzbehraja Well-Known Member

    Joined:
    May 19, 2011
    Messages:
    383
    Likes Received:
    7
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    WHM >> Mailserver Config>>

    Allow Plaintext Authentication (from remote clients)
    This setting will allow remote email clients to authenticate using unencrypted connections. When set to 'no' only connections originating on the local server will be allowed to authenticate without encryption. Setting this to 'no' is preferable to disabling IMAP in the 'Protocols Enabled' section since it will force remote users to use encryption while still allowing webmail to function correctly.
     
  3. ChrisLancs

    ChrisLancs Registered

    Joined:
    May 19, 2012
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    This setting only means that the connection has to be a secure connection not that the password encryption is needed. So far as i am aware neither dovecot or courier support encrypted passwords out of the box.

    However with a little help from google i have found for you a link on how to do it, This might be in the cPanel documentation but they didnt come up in the links, so here is the link for using encrypted passwords, I suggest backing up anything you have to edit to do this.

    Dovecot Encrypted Passwords with CRAM-MD5 | Postfix Mail Server Tutorial | PostfixMail.com
     
  4. InterServed

    InterServed Well-Known Member

    Joined:
    Jul 10, 2007
    Messages:
    255
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    DataCenter Provider
    If a cPanel member can read this topic , please create a future request for this. I sure want to enable encrypted passwords on dovecot and drop support for plain auth as we are trying to get PCI Compliance and this will greatly help.
     
  5. Jeremy Richards

    Jeremy Richards Registered

    Joined:
    Dec 3, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator

    Your password is already encrypted if you are using a secure connections i.e. ports 993 and 465 with the SSL option in your email client. Just select normal password and your password will be in an SSL tunnel during transmission. The better step you can take for security at this point is to use a purchased, trusted SSL for your Service SSL certificates instead of the Self Signed ones that most people use on their servers.

    See this forum post for more information, http://forums.cpanel.net/f43/encrypted-password-smtp-364491.html#post1474182
     
Loading...

Share This Page