Richard Williams Posted June 12, 2018 Share Posted June 12, 2018 Hi, We have a security incident at the moment with Hornbill whereby the Hornbill service is sending data in to Exchange across the Internet using POP3 (Port 110) but is not using an encrypted (TLS) connection. As a result, Usernames and Passwords are being sent in clear text across the Internet to our Exchange environment. We have identified the cause and we would like to switch on TLS for POP3 connections ASAP – however, can you please confirm with Hornbill that they are able to communicate using POP3 with TLS before we do so? Link to comment Share on other sites More sharing options...
Victor Posted June 12, 2018 Share Posted June 12, 2018 @Richard Williams this wiki article should answer your questions: https://wiki.hornbill.com/index.php/E-Mail_Protocol_Support Link to comment Share on other sites More sharing options...
Keith Stevenson Posted June 12, 2018 Share Posted June 12, 2018 Richard, Just to clarify. This is not a security incident with Hornbill but with your Exchange server. Hornbill fully supports (and has done since day 1) TLS and SSL for POP, IMAP and SMTP. Once you have enabled this on your exchange server you can simply change the connector to utilise the required encryption via the Admin portal. Kind Regards Keith Stevenson Link to comment Share on other sites More sharing options...
Richard Williams Posted June 12, 2018 Author Share Posted June 12, 2018 Thanks, that link is much appreciated Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now