Dear all,<br><br>My RC use PLAIN mechanism for IMAP athentication. And it use default (non-SSL) IMAP port 143.<br><br>While log in, I captured the information by WireShark then I could see the usename and password, warped in a HTTP POST.<br>
<br>If I change to use SSL with IMAP, <br><br>$rcmail_config[&#39;default_host&#39;] = &#39;ssl://<a href="http://mail.mysite.com">mail.mysite.com</a>&#39;;<br>
$rcmail_config[&#39;default_port&#39;] = 993;<br><br>I still can capture my Username/ Password. So I think the SSL authentication is just from RC to IMAP server. Not from my PC to RC server.<br><br>I know if I&#39;m using HTTPS, the information send from my PC to HTTP server will be encrypted.<br>
<br>Is there anyway to encrypt the login session from my PC to the RC server, except using HTTPS? I mean the encryption supported inside RC login page.<br><br>Many thanks/ Minh. <br><div style="visibility: hidden; display: inline;" id="avg_ls_inline_popup">
</div><style type="text/css">#avg_ls_inline_popup {  position:absolute;  z-index:9999;  padding: 0px 0px;  margin-left: 0px;  margin-top: 0px;  width: 240px;  overflow: hidden;  word-wrap: break-word;  color: black;  font-size: 10px;  text-align: left;  line-height: 13px;}</style>