Re: Blocking POP3 and IMAP

[Ken Connelly <Ken.Connelly () UNI EDU>]

We allow POP and IMAP, but require that they be the secure
implementations of each.  Those run on TCP/995 and TCP/993 by default.
We try very hard to eliminate any plain-text authentication scheme,
including within our on-campus, switched network.

-ken

Hammon, Gary wrote:
> I recently joined the Security listserv, and searched the archives
> looking for any trend regarding blocking inbound POP3 and IMAP.
>
> We think we have finally moved beyond any 'business need' to allow
> these protocols for email. We have an Exchange environment that has
> web access etc., but there are a small number of folks who simply
> prefer not to change.
>
> I am hoping that I can say that it would be a best practice to
> eliminate the POP3 and IMAP protocols.
>
> I am hoping that other institutions have already started to eliminate
> the protocols, or know that it is a good idea/best practice to
> eliminate these protocols (ignoring the political firestorm of course!).
>
> Thank you for any feedback on this,
>
> Gary
>
> Gary Hammon
> CIO
> Stonehill College
> Easton, MA  02357

--
- Ken
=================================================================
Ken Connelly             Associate Director, Security and Systems
ITS Network Services                  University of Northern Iowa
email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373