SMTP and POP3 Service Clear text Login Permitted on Windows Plesk server

Created:

2016-11-16 13:17:45 UTC

Modified:

2017-08-08 13:38:37 UTC

0

Was this article helpful?


Have more questions?

Submit a request

SMTP and POP3 Service Clear text Login Permitted on Windows Plesk server

Applicable to:

  • Plesk 12.5 for Windows

Question

The following security vulnerabilities are shown while checking the server:

54582 - SMTP Service Clear text Login Permitted

15855 - POP3 Clear text Logins Permitted

MailEnable Standard is installed as mail server.

How to fix these vulnerabilities?

Answer

The solution for this case is to enable SSL/TLS authentification for the mail server and disable other ways of authentification.

However, MailEnable Standard does not support SSL, only paid version Professional and higher.

It is required to upgrade MailEnable to Professional or install SmarterMail.


Additional information on MailEnable website

Security & Authentification

Preventing SMTP authentication through plain text connections

Have more questions? Submit a request
Please sign in to leave a comment.