Vulnerability Development mailing list archives
Re: Info about Microsoft Exchange application protocol
From: walter.williams () GENUITY COM (Walter Williams)
Date: Tue, 25 Apr 2000 00:24:38 -0400
There are a number of possible protocols at work here: SMTP IMAP 4 POP 3 LDAP 3 MAPI So the first question becomes what is the nature of Outlook's configuration, (Open Internet or Corporate Workgroup). Corporate Workgroup is limited to MAPI, POP & SMTP. Open Internet is limited to SMTP, IMAP, POP & LDAP. How the password is sent is a derivitive of that. If MAPI, then yes Outlook passes a token of the password to the server. If POP, IMAP (Autheniticated SMTP) any password may be sent as clear text unless the Exchange server is configured to offer an encrypted authentication on these protocols and the client is configured in a simular manner. Walt -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Bobby, Paul Sent: Monday, April 24, 2000 3:37 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Info about Microsoft Exchange application protocol I haven't done an exhaustive search, but asking here is part of it. Where can I find information about the protocol exchange between Microsoft Outlook and Exchange? Is the userid and password a standard windows client-> windows server exchange? Paul Bobby ----------------- <dream> Got Root? </dream>
Current thread:
- Re: network appliance..., (continued)
- Re: network appliance... Paul Taylor (Apr 12)
- Re: network appliance... Crother, Mark (Apr 12)
- Re: network appliance... Marc Slemko (Apr 13)
- Re: network appliance... Stuart Henderson (Apr 17)
- Re: network appliance... James Grinter (Apr 24)
- DOS on inetd w/ nmap Clifford, Shawn A (Apr 24)
- Re: DOS on inetd w/ nmap Roelof Temmingh (Apr 25)
- Re: DOS on inetd w/ nmap LaMont Jones (Apr 25)
- Re: DOS on inetd w/ nmap Richard Johnson (Apr 25)
- Info about Microsoft Exchange application protocol Bobby, Paul (Apr 24)
- Re: Info about Microsoft Exchange application protocol Walter Williams (Apr 24)
- Re: network appliance... Stuart Henderson (Apr 17)