timgreen7077
asked on
Exchange 2010 SMTP Question
We are getting the following vulnerability issue.
"The remote host is running an SMTP server that advertises that it allows cleartext logins over unencrypted connections. An attackers may be able to uncover user names and passwordsby sniffing traffic to the server if a less secure authentication mechanism (i.e. LOGIN or PLAIN) is used"
Has anyone see this error as a vulnerability for an Exchange server, and if so how was it resolved. I looked at my receive connectors and they all look good. The error is only on 2 of the 4 CAS servers and the connectors are the same. Any suggestions.
"The remote host is running an SMTP server that advertises that it allows cleartext logins over unencrypted connections. An attackers may be able to uncover user names and passwordsby sniffing traffic to the server if a less secure authentication mechanism (i.e. LOGIN or PLAIN) is used"
Has anyone see this error as a vulnerability for an Exchange server, and if so how was it resolved. I looked at my receive connectors and they all look good. The error is only on 2 of the 4 CAS servers and the connectors are the same. Any suggestions.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.