Configure the mail server to require Secure Password Authentication
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To configure the mail server to require Secure Password Authentication
Using the Windows interface
Using a command line
Using the Windows interface
Open POP3 service.
In the console tree, right-click the computer_name node and click Properties.
Where?
- POP3 Service/computer_name
Select Require Secure Password Authentication (SPA) for all client connections.
Important
- If you change this parameter, you must stop and restart the POP3 service. For more information on changing the POP3 service state, see Related Topics.
Notes
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
To open the POP3 service snap-in, click Start, click Control Panel, double-click Administrative Tools, and then double-click POP3 Service.
SPA supports only Active Directory integrated authentication and local Windows accounts authentication.
If you enable SPA, users' e-mail clients must also be configured to use SPA. For more information, see Related Topics.
If you are using Active Directory integrated authentication, you must log on to the Active Directory domain, not the local computer, to perform this procedure.
Configuring the mail server to require Secure Password Authentication affects only the POP3 service and not the Simple Mail Transfer Protocol (SMTP) service.
Using a command line
Open Command Prompt.
Type:
winpop set sparequired {0|1}
| Value | Description |
|---|---|
winpop set sparequired |
Specifies whether Secure Password Authentication is required for all client connections. |
{0|1} |
Specifies whether secure authentication is required from all e-mail clients. The default is 0, which specifies that SPA is not required. 1 requires SPA from all e-mail clients and prevents e-mail clients from authenticating by using plaintext authentication. |
Important
- If you change this parameter, you must stop and restart the POP3 service. For more information on changing the POP3 service state, see Related Topics.
Notes
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.
SPA supports only Active Directory integrated authentication and local Windows accounts authentication.
If you enable SPA, users' e-mail clients must also be configured to use SPA. For more information, see Related Topics.
If you are using Active Directory integrated authentication, you must log on to the Active Directory domain, not the local computer, to perform this procedure.
To view the complete syntax for this command, at a command prompt, type:
winpop set help
Configuring the mail server to require Secure Password Authentication affects only the POP3 service and not the Simple Mail Transfer Protocol (SMTP) service.
Information about functional differences
- Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.
See Also
Concepts
POP3 Service Authentication Methods
Configure Outlook Express for Secure Password Authentication
Change the POP3 service state
Winpop