Richard Williams Posted June 12, 2018 Posted June 12, 2018 Hi, We have a security incident at the moment with Hornbill whereby the Hornbill service is sending data in to Exchange across the Internet using POP3 (Port 110) but is not using an encrypted (TLS) connection. As a result, Usernames and Passwords are being sent in clear text across the Internet to our Exchange environment. We have identified the cause and we would like to switch on TLS for POP3 connections ASAP – however, can you please confirm with Hornbill that they are able to communicate using POP3 with TLS before we do so?
Victor Posted June 12, 2018 Posted June 12, 2018 @Richard Williams this wiki article should answer your questions: https://wiki.hornbill.com/index.php/E-Mail_Protocol_Support
Keith Stevenson Posted June 12, 2018 Posted June 12, 2018 Richard, Just to clarify. This is not a security incident with Hornbill but with your Exchange server. Hornbill fully supports (and has done since day 1) TLS and SSL for POP, IMAP and SMTP. Once you have enabled this on your exchange server you can simply change the connector to utilise the required encryption via the Admin portal. Kind Regards Keith Stevenson
Richard Williams Posted June 12, 2018 Author Posted June 12, 2018 Thanks, that link is much appreciated
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now