Print

Print


On Wed, 26 Jan 2011, Russ McDonald wrote:

> I agree that this is not the best practice, but am also aware that the 
> UVM mail servers have only allowed encrypted passwords since sometime 
> last summer.

Make that "have only REQUIRED encrypted passwords since...".  We have 
allowed encrypted passwords (and most people used encrypted connections) 
for many many years.

> Would you please update the list if you are able to shed any more light 
> on this strange behavior.

Given the Droid and other mobile device problems, we are likely to replace 
the InCommon certificate with one from the last vendor we used (Geotrust).

More on this soon...

Mike

> 
> On 1/26/2011 10:31 AM, Jim Lawson wrote:
>       I borrowed Zoey's phone, and I can confirm that changing to TLS (if available) works.
>       TLS (always) does not.
>
>       Speaking as someone with a passable knowledge of SSL/TLS, and the one who configured
>       the mail servers at UVM, this makes no sense.  I think it is a client bug.
>
>       However, it does seem to work.  It's not a great security practice, but fortunately
>       UVM's IMAP servers won't let you log in with a password sent in the clear, so it is
>       safe to do with our servers.  I wouldn't recommend it with other IMAP servers, though,
>       unless the admin of the other server tells you it's OK, or you don't mind if someone
>       can sniff your password.
>
>       Jim
>
>       On 01/26/2011 10:21 AM, Russ McDonald wrote:
>             Hi Zoey,
>
>             I ran into this too... changing to TLS (when available) corrected it.
>
>             Best
>             -Russ
> 
>
>             On 1/26/2011 10:07 AM, Zoey Trenkle wrote:
>                   I stopped being able to get incoming emails using K9 Mail for
>                   my UVM account on my Android.  I can send emails just fine.
>
>                   Here are my current incoming server settings: 
>
>                   security type: TLS (always)
>                   Authentication type: plain
>                   port: 143
>
>                   I think this is affecting other people on campus, as well.
>                   Does anyone know of a solution?
>
>                   Thanks,
>                   Zoey
> 
> 
> 
> 
> -- 
> J. Zoey Trenkle
> Information Technology Professional
> Student Financial Services 
> The University of Vermont
> tel: 802-656-0365
> fax: 802-656-4076 
> [log in to unmask]
> 
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> STATEMENT OF CONFIDENTIALITY 
> This e-mail message, including any attachments, is for the sole
> use of the intended recipient(s) and may include privileged or
> otherwise confidential information. Any unauthorized review, 
> forwarding, printing, copying, use, disclosure or distribution is
> strictly prohibited and may be unlawful. If you received this 
> message in error, or have reason to believe you are not the 
> intended recipient, please contact the sender by reply e-mail 
> and destroy all copies of the original message.
> 
> 
> -- 
> Russ McDonald
> Information Tech Professional
> Admissions Office
> The University of Vermont
> (802) 656-0234 (Voice)
> (802) 656-4663 (Fax) 
> [log in to unmask]
> 
> UVM is subject to the Vermont Public Records Act and communications to and from this email address,
>  including attachments, are subject to disclosure unless exempted under the Act or otherwise applic
> able law.
> 
> 
> 
> -- 
> Jim Lawson
> Systems Architecture & Administration
> Enterprise Technology Services
> University of Vermont
> Burlington, VT USA
> 
> 
> -- 
> Russ McDonald
> Information Tech Professional
> Admissions Office
> The University of Vermont
> (802) 656-0234 (Voice)
> (802) 656-4663 (Fax) 
> [log in to unmask]
> 
> UVM is subject to the Vermont Public Records Act and communications to and from this email address,
>  including attachments, are subject to disclosure unless exempted under the Act or otherwise applic
> able law.
> 
>