Wed 12 Nov 2003
POP, IMAP, and SSL
Category : Technology/popIMAPssl.txt
I realise, from the mail that I'm getting, that there are people out there monitoring the progress of all these experimentation (on Panther).
So here's an update. I've got both POP and IMAP working and they also work over SSL. We just tried this out and it's so fun. The word that comes to mind is - magical.
On Mail.app, we can now give users a have a choice of going to the server via POP or IMAP. So you can explain the pros and cons of doing either and let them decide. Then, if they are wary about people snooping over their passwords or the content of their messages, they can turn on SSL.
If you're using a self-signed certificate, you'll get a message on Mail.app warning that the cert is not verified by a known root certification authority. But that's OK - it'll still do its job of encrypting the two-way communication. But this warning will appear each time you restart Mail.app and it starts accessing the server. So, you may decide to turn off SSL mode and go back to normal unencrypted mode until you really feel you need it. The key word is Choice.
But, of course, if you want, you can always buy a real cert from places like Verisign and it'll all work very well.
So, it's on to SMTP-AUTH. If that works, everything will be just splendid.