SSL on IMAP/POP3/SMTP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- SSL on IMAP/POP3/SMTP
Re: SSL on IMAP/POP3/SMTP
30-01-2016 10:18 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I would love to work for plusnet, getting months to update one email server
just tried to test ssl on relay.plus.net No ssl/tls at all O_o
Re: SSL on IMAP/POP3/SMTP
31-01-2016 2:32 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: chrcoluk Bob I updated ciphers on about 8 email servers today.
Perhaps we should change the thread to TLS on IMAP/POP3/SMTP.
Although SSLv2 and SSLv3 may not have been vulnerable when this thread was started, we'd hate for those to be the implemented offerings when they finally do come round!
Re: SSL on IMAP/POP3/SMTP
31-01-2016 3:06 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSL on IMAP/POP3/SMTP
08-02-2016 6:38 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
What is the hold up? Is it technical? Is it financial?
Giving the forum some kind of meaningful update would be nice.
Re: SSL on IMAP/POP3/SMTP
11-02-2016 3:06 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSL on IMAP/POP3/SMTP
16-02-2016 9:18 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I have some news regarding this issue, but firstly let me give some background about my concerns.
. My father can be described as a 'silver surfer'; this is the sort of person who would not ordinarily look for an alternative (read: secure) email service. He uses his iPad via WiFi in various locations and I feel it is fair that he should have a modicum of security whilst retrieving emails.
. An ISP based email service has a degree of permanency about it - call me old fashioned, but I would rather use Plusnet email for 'serious' matters rather than some free alternative.
. BT and other ISPs provide SSL.
. Is it fair I should have to use an alternative secure email provider based on the point above?
As this has been going on for some time, I composed a letter to the CEO of Plusnet.
I promptly received a very nice letter from customer support, but in short:
. It is being worked on but 'is not something we are fully focused on'.
. PN email is 'a basic email service and free to customers'.
. (PN) 'Primarily we are an ISP'
. 'We do suggest customers to look at a dedicated email provider'.
Therefore my only option is for Outlook.com to retrieve Plusnet emails and I will use Outlook.com SSL in my email clients. As for my father, I am going to have to think about it.
Unfortunately unless there is a big sea change with Plusnet, this thread is dead. Plusnet have not done me proud!
Happy surfing!
Richard
Re: SSL on IMAP/POP3/SMTP
18-02-2016 11:35 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
EDIT: I now realise I first raised this in 2008 and several times after that! PN's reassurances sound very familiar.
http://community.plus.net/forum/index.php/topic,80423.msg654997.html#msg654997
http://community.plus.net/forum/index.php/topic,74714.msg627827.html#msg627827
http://community.plus.net/forum/index.php/topic,1993.msg559738.html#msg559738
http://community.plus.net/forum/index.php/topic,65729.msg527407.html#msg527407
Re: SSL on IMAP/POP3/SMTP
19-02-2016 9:14 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Bob
Quote from: glocal Over the last two years I asked this question here but never received a satisfactory answer: why doesn't PN offer SSL protection to its POP3/IMAP/SMTP by default?
It's something that we would like to do and certainly isn't outside of the realms of possibility. It's not on our development roadmap at present but as soon as the opportunity arises we can certainly look at offering a secure means of accessing your mail using IMAP/POP3.
Regarding the Watchdog program you can catch it on iPlayer if you missed it (just watched it myself).
They were targeting Gmail accounts and whilst they didn't tell you how they were doing this, I got the impression that they were scanning for new DHCP clients on the hotspot and then hijacking their web sessions by stealing their cookie/session data.
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SSL on IMAP/POP3/SMTP
29-02-2016 11:30 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I suspect secure mail isn't a priority as there probably isn't a long term future for a free plusnet ISP mail service. It's not core ISP business these days. I'd love Plusnet to say otherwise as I am also now a PN customer and would prefer to use a secure Plusnet mail service.
Re: SSL on IMAP/POP3/SMTP
01-03-2016 10:09 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: ClassicLaddie I suppose at least webmail.plus.net is protected by an ssl certificate but even then it is a wildcard which has inherent security risks.
At the risk of drifting off-topic, what is your concern with PN's use of wildcard certificates?
Re: SSL on IMAP/POP3/SMTP
17-03-2016 4:38 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSL on IMAP/POP3/SMTP
21-03-2016 10:39 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I speak as someone who loves to download my email using Thunderbird because I have three email addresses (in addition to PNs) which I can access via one interface at the click of a button. I have decided to not use my PN email account except to view, maybe once a month, via webmail portal in case PN send me any emails.
I agree with rockyhorror. This thread is dead. The solution is in your hands, not PNs.
Re: SSL on IMAP/POP3/SMTP
21-03-2016 12:49 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
More importantly, PN (the 'honest' provider) has been lying to its customers about its plans for years, and has been exposing users to snooping by keeping quiet about the implications of its setup.
The 'simple' solution is to move to another ISP/telephony provider and let people know about the vulnerability PN refused to address.
Re: SSL on IMAP/POP3/SMTP
01-05-2016 12:18 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
This is getting silly now - certain apps like Android Outlook don't even have the option anymore from none-secure IMAP.
PLEASE can we have a status upgrade on this? Surely there must be some plans.
Re: SSL on IMAP/POP3/SMTP
08-09-2016 6:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Well - the lack of SSL has reared it's ugly head!
Due to the attitude of PN not willing to do anything about this, I use a third party to retrieve PN emails. I use a secure client with this third party.
However, I had not set my wife's phone in such a manner, so whilst on holiday our COMSEC lapsed whilst using unsecured hotel WiFi and a phone email client.
Imagine my surprise when I see strange login attempts on my server in the UK using my wife's PN email username originating from the city abroad we had been a week previously!
So PN:
. You still insist in providing insecure email.
. I use a third party DNS as yours give me trouble.
Is this the consequence of an ISP on the cheap?
I am surprised that Bob Pullen was allowed to make encouraging noises regarding this issue when the company line is a firm no.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page