This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 90%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Hello Support,
My Exchange Sever 2016 (CU17)
When i run Nessus tool says that "POP3 Cleartext Logins Permitted"
https://www.tenable.com/plugins/nessus/15855
How to fix this without any impact?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
If you don't have any users using POP3 to connect to your Exchange server(by default clients use MAPI ,Outlook Anywhere or ActiveSync to connect)
you don't have to worry about the warning.
You may need to disable the POP3 services on your server.
If you would like to enable POP3 for users,please enable the POP3 services and run this command via EMS to check the authentication method:
Get-PopSettings -Server <servername> | Select LoginType
It result doesn't show Securelogin(default value), use this command to change it to Securelogin:
Set-PopSettings -LoginType SecureLogin
You may also need a certificate and assign it to the POP3 service.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,@Sathishkumar Singh
Do suggestions above help? If you have any questions or needed further help on this issue, please feel free to post back.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
It depends.
If you business have no application that relies on plain text login of POP3 server (say, web applications that read replied emails and process them automatically) , then just follow action specified in the link you provided to disable plain text login.
If yes, you'll have to modify that application to login by other authentication methods, or to use SSL port to access POP3 if supported, then disable plain text login.