IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [pop3]

7 questions
13
votes
4 answers

Does IMAP/POP3/ASP undermine Two-Factor Auth?

When I log in to hotmail or Google or posteo I can only log in using the 2FA that I have set up. However, each provider seems to have an alternative for apps that do not auth via a web client. Hotmail/Google: 16-lowercase-characters "app-specific"…
CCXD
  • 131
  • 1
  • 1
  • 3
8
votes
2 answers

Why are common services using implicit SSL not considered obsolete in the way that SMTPS is?

SMTPS (implicit SSL) has been deprecated/obsolete since SMTP+STARTTLS (explicit SSL) was defined in RFC2487. I'm not entirely clear on the reasoning behind that, but it was clearly considered a good idea at the time. A parallel can be seen with IMAP…
Synchro
  • 647
  • 1
  • 6
  • 14
6
votes
3 answers

Better safety: Webmail or POP3/IMAP email client?

Which offers a higher level of safety: Webmail or using a POP3/IMAP client? Assume the following for webmail: Access via HTTPS Rarely downloading any attachments, but in cases where it may be necessary, carefully verifying the integrity and…
RockPaperLz- Mask it or Casket
  • 3,114
  • 21
  • 50
2
votes
2 answers

Domain offline - are unmaintained email clients a security risk?

I have just unregistered a domain. Now my mail client (Thunderbird) popped up a message saying that it cannot connect to the mail server. That's fine - for the moment. However, I wonder what would happen when someone else registers the domain. Given…
Thomas Weller
  • 3,246
  • 3
  • 21
  • 39
0
votes
1 answer

Who is accessing my pop3 email accounts?

Recently I started receiving "Third-party application access to your Zoho Account" warning emails from Zoho.com regarding my Zoho email accounts, saying things like: We noticed a third-party application(POP) accessed your Zoho Account associated…
Ryan
  • 315
  • 4
  • 13
0
votes
1 answer

Email including self-shredding macro after "Seen" flag is set

Bob sent an email to Alice with nothing much useful and tenuous ( but because it isn't useful it can ruin Bob's reputation if bad Alice decide to publish. ) Is there a way for Bob to include a suicide-after-a-specified-time macro inside the email…
guest
  • 1
  • 1
0
votes
1 answer

Risks in open POP3/IMAP ports?

I found a domain with open POP3 (110) and IMAP (143) ports. I was able to use TELNET to connect to them successfully, but beyond this is there any common vulnerability/exploit I should test on them, or is this even a security problem to have them…
Jack
  • 471
  • 2
  • 6
  • 18