Details
IMAP4 transmits all data, including user credentials and potentially sensitive messages, in plaintext. Using this setting to enable SSL ensures that IMAP4 network traffic is encrypted, and it allows the client to verify the server’s address.
Rationale:
An attacker who can intercept or eavesdrop on the IMAP4 traffic could view sensitive information.
Solution
To implement the recommended state, execute the following PowerShell cmdlet:
Set-ImapSettings -LOGINTYPE SECURELOGIN
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Windows.