2.24.2.13. Proper authentication settings in mail clients

When a mail client connects to a mail server to receive or send mail, authentication is used for security purposes. There are different authentication methods (methods of transferring the mailbox login and password from the client to the server). One of the options could be CRAM-MD5 or APOP, which are currently outdated and insecure. Below are instructions on how to check your current settings and set up a more modern and secure authentication method.

It is worth emphasizing that the authentication method is not directly related to protocols, port numbers and encryption of transmitted data. As before, you can use combinations of these parameters at your discretion. For example, if your mail client is configured to work using the POP3 protocol, then there is no need to reconfigure it for IMAP, or if the connection is made via an unsecured port, then it is not necessary to change the port to a secure one and enable encryption (however, this is recommended in order to increase the overall level of security) ...

• Thunderbird
• Outlook 2013-2019
• The Bat!
• Mail (macOS)

Some applications and scripts are able to independently determine the authentication methods supported by the server and choose the most appropriate one. This is how they work:

• Library PHPMailer and CMS that use it (for example, Joomla!).
• Outlook 2016 and 2019 for macOS.
• Gmail (Android).
• Spark (Android, iOS, macOS).
• Mailbird (Windows).
• Mail (Windows 10).
• Function imap_open.