We recently has a Qualys security scan ran against us and it resulted in the following error:
POP3 Server Allows Plain Text Authentication Vulnerability
---------------------------------
Threat:
Post Office Protocol version 3 (POP3) is an application layer internet standard protocol to retrieve e-mail from a remote server.
Use of the PASS command sends passwords in the clear over the network. Also, servers that answer -ERR to the User command are giving
potential attackers clues about which names are valid.
Solution:
POP3 supports several authentication methods to provide varying levels of protection.
----------------------------------
I would like to know how to correct this issue and/or whether or not I have to upgrade my version. I'm using Standard 1.87.
I found the following KB article and was wondering if this would solve the issue:
http://www.mailenable.com/kb/Content/Ar ... D=me020583
Thanks!