Some POP3 clients generate an authentication error in the security log, but successfully download new email
Issue encountered
The security log is reporting the following event:
[19/Jul/2006 16:46:47] Failed POP3Post Office Protocol 3 - A protocol used by local email clients to retrieve emails from mailboxes over a TCP/IP connection. login from 10.0.0.187, user someone@domain.com
Cause
Typically this simply means that the user provided the wrong password. In some cases, you may find that the mail client doesn't report any problems, and succesfully downloads new email. This is because the mail client tries to use a secure authentication method that fails, so it switches to insecure authentication.
Solution
In most cases, the client should be able to use secure authentication. There are some circumstances however, when secure authentication cannot be used.
Password is stored in SHA format
In the edit dialog of any user, there is a checkbox to store user passwords in SHA format. If this option is selected, the client will not be able to use any type of secure authentication method. It is recommended therefore to use an SSLSecure Sockets Layer - A protocol that ensures integral and secure communication between networks. connection and Plain Authentication.
Users are mapped from a Directory Service
If Kerio MailServer is mapping users from a Directory Service, the password is managed by the Directory Server. In order to verify credentials against the Directory Server, Kerio Connect must receive the password in Plain Text. To ensure secure communication, it is recommended to use an SSL connection between the mail client and Kerio Connect. The communication between Kerio Connect and the Directory Server is secured by KerberosAn authentication protocol for client/server applications..