On December 15, 2013, we will be performing a maintenance on our email servers which will remove the ability for mail clients to send mail using the legacy authentication protocol, CRAM-MD5. Once removed, a very small portion of our customers may lose the ability to send mail until their mail client’s SMTP authentication method is changed.
Why? While CRAM-MD5 is a secure authentication protocol, the industry as a whole has been migrating away from using this mechanism. The recommended method for sending mail today is to use PLAIN/PASSWORD authentication over an SSL or TLS connection.
Will I be impacted? In preparing for this maintenance we discovered the vast majority of mail clients do not use CRAM-MD5 by default. It is very difficult to pinpoint each and every mail client, version, device, etc that could be impacted, although we do know that if you are running one of these configurations you could be impacted by this change:
- Thunderbird
- Apple Mail
- iOS devices still running iOS versions prior to iOS 6.x
If this affects me, how do I fix it? If you notice you are no longer able to send mail from your email client after December 15, you can resolve the issue using one of the following means:
- Reconfigure your mail client so it does not use CRAM-MD5 authentication for SMTP (outgoing messages). See the links above for tutorials.
- We also suggest using an encrypted connection via SSL or TLS when sending and receiving mail.
If you have trouble, you can always login to Webmail (at https://webmail.yourdomain.com/) to access and send email like normal.
Comments