SSL Howto

docs

UPDATE: Our SMTP server now supports SMTPS or SMTP with STARTTLS
plus SMTP AUTH for mail relay authentication. We continue to support
POP-before-SMTP, but SMTP AUTH over encrypted tunnels is our preferred
method.

Introduction

POPS and IMAPS are secure versions of POP and IMAP respectively. By transmitting all information, including username and login, over an encrypted SSL connection, POPS and IMAPS provide protection against attackers reading the mail in transit or collecting username and password information. Employees.org only support SSL versions of POP and IMAP.

SMTPS and SMTP with STARTTLS are methods of creating encrypted tunnels between a mail client and an SMTP server. When combined with SMTP Authentication (called "SMTP AUTH"), it is a secure mechanism for sending username/password between the mail client and the SMTP server. This authentication allows the server to know whether or not the user of the mail client is allowed to relay mail through the server.

General (non-client specific) Instructions

Connect to mail.employees.org using either POPS or IMAPS. This often means selecting an option to "secure with SSL."

For IMAP, set the directory prefix to "Mail". This will put your IMAP folders in ~/Mail rather than directly in your home directory.

APOP is no longer supported. Switch to LOGIN authentication in your client. Also, switch to your SSH password rather than the separate APOP ("popme") password.