SMTP Server Connection using TLS (ie. port 465) & Secure Authentication ?

[Defenestration]

My e-mail client allows me to specify the SMTP connection to be either

- Regular on port 25
- Secure to regular (STARTTLS) on port 25
- Secure to dedicated (TLS) on port 465

It also has another couple of settings for Authentication:

- Perform SMTP authentication
- Require secure SMTP authentication

If I use Secure to dedicated (TLS) + Perform SMTP authentication, but not require secure authentication, is all data transferred between my e-mail client and the SMTP server (ie. username + password, and all message content) encrypted ?

Is secure authentication needed when connecting using secure to dedicated (TLS) on port 465 ?

Same questions for POP - Is all content encrypted when receiving mail on a secure to dedicated connection (TLS) on port 995 ?

Is it OK to use regular POP authentication when using TLS on port 995 ?

It's confusing me because you can have both secure authentication and a secure TLS connection.

[Mrkvonic]

Hello,

POP is not encrypted. So in order to encrypt POP, you use tunneling - encapsulate POP in an encrypted communication tunnel.

This can be done in several ways.

In your case, the data transfered will be encrypted. However, the two differences between the authentication methods:

Regular - your credentials are sent in unecrypted form to the server. Once the communication is established, all data sent will be encrypted.

Secure authentication - you will first establish a secure tunnel and then authenticate using it. This is the preferred method. But you must trust the server you communicate with.

Mrk

[SteveTX]

Thrower of things out windows,

Should I assume you are using TheBat! as your email client?

You want to use SSL/STARTTLS or TLS, with secure authentication.

The only question is if your smtp server supports it.