2.24.2.5.4. Correct authentication setup in The Bat!

When a mail client connects to a mail server to receive or send mail, authentication is used for security purposes. There are different authentication methods. One of the options could be CRAM-MD5 or APOP, which are currently outdated and insecure. Here's how to check your current settings and set up a more modern and secure authentication method.

1. In the main window of The Bat! right click on the added mailbox and select "Mailbox properties…":
2. In chapter "Transport" in the block "Sending mail" click "Authentication…":
3. Check the authentication settings for outgoing mail:
   • Checkmark opposite "SMTP Authentication (RFC-2554)" must be installed.
   • The switch must be opposite "Use Mail Receive Options (POP3 / IMAP)".
   • Checkmark opposite "Require secure authentication" necessarily must be removed. If the checkbox is checked, uncheck it and save the changes.
4. In the block "Receiving mail" click "Authentication…":
5. Check the authentication settings for incoming mail. The switch must be opposite "Regular"... If it is set opposite to a different value, change it to the specified one and save the changes:
6. Check your encryption settings. The parameters are responsible for encrypting the connection. "Compound" and "Port":
   • Sending mail:
     • In order for the connection to the server to be encrypted, it is recommended to use the connection "Safe on spec. port (TLS)" and port 465.
     • If an unencrypted connection suits you, you can use the connection "Common" and port 25 or 2525.
   • Receiving mail:
     • If IMAP is used (opposite "Protocol" indicated "IMAP4"):
       • In order for the connection to the server to be encrypted, it is recommended to use the connection "Safe on spec. port (TLS)" and port 993.
       • If an unencrypted connection suits you, you can use the connection "Common" and port 143.
     • If the POP3 protocol is used (opposite "Protocol" indicated "POP3"):
       • In order for the connection to the server to be encrypted, it is recommended to use the connection "Safe on spec. port (TLS)" and port 995.
       • If an unencrypted connection suits you, you can use the connection "Common" and port 110.
7. Save your changes and test your mail.

If everything is configured exactly as described above, but in log of authorizations when sending, the old authentication method is still mentioned, then there is nothing to worry about — The Bat! when sending, it automatically selects the most appropriate method supported by the server, and after the CRAM—MD5 support is disabled, it will have to continue its work as usual.