APOP (Authenticated Post Office Protocol) is an extension of the traditional POP used for email authentication. POP allows a user’s username and password to be authenticated with an email server. It does so by transmitting the account password in plain text over the Internet, which puts the user’s security at risk. APOP encrypts the password when transmitting it over a network or the Internet. The extended protocol keeps others from using password sniffing or other hacking techniques to steal email passwords while they are in transit.
How does APOP Work?
Both the email client and server must be configured to support authentication via encrypted transmission for APOP to work. The client computer (or email application) sends an authentication request to the server, which includes the user’s account name. After an initial handshake, it sends the account’s encrypted password, which the email server then decrypts and validates. Once the user account is authenticated, the email server works just like a traditional POP3 server. APOP uses an MD5 hashing function to keep hackers from using a replay attack to crack the user’s password.
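The MD5 step as RFC 1939 defines it, shown as an added example that is not part of the original page: the server greeting carries a per-connection timestamp, and the client sends the MD5 digest of that timestamp followed by the shared secret. The greeting, user name and secret are the RFC's own sample values; the function names and the second timestamp are assumptions made for this sketch.

```python
import hashlib
import hmac
import re

# Sample values from the RFC 1939 APOP example (not a real account).
GREETING = "+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>"
SECRET = "tanstaaf"


def extract_timestamp(greeting):
    """Return the <...> challenge from the greeting, or None if APOP is not offered."""
    match = re.search(r"<[^<>\s]+@[^<>\s]+>", greeting)
    return match.group(0) if match else None


def apop_digest(timestamp, secret):
    """MD5 over the timestamp (angle brackets included) followed by the shared secret."""
    return hashlib.md5((timestamp + secret).encode("ascii")).hexdigest()


def client_command(user, greeting, secret):
    """Build the APOP line the client sends; the secret itself never goes on the wire."""
    timestamp = extract_timestamp(greeting)
    if timestamp is None:
        raise ValueError("server greeting carries no APOP timestamp")
    return "APOP %s %s" % (user, apop_digest(timestamp, secret))


def server_verify(command, issued_timestamp, secret_lookup):
    """Check an APOP command against the timestamp issued for this connection."""
    parts = command.split()
    if len(parts) != 3 or parts[0].upper() != "APOP":
        return False
    _, user, digest = parts
    secret = secret_lookup.get(user)
    if secret is None:
        return False
    expected = apop_digest(issued_timestamp, secret)
    # Constant-time comparison avoids leaking how many digest characters matched.
    return hmac.compare_digest(expected, digest.lower())


if __name__ == "__main__":
    users = {"mrose": SECRET}
    line = client_command("mrose", GREETING, SECRET)
    print(line)
    print("same connection:", server_verify(line, extract_timestamp(GREETING), users))
    # Constructed later timestamp: a captured line replayed on a new connection fails.
    print("replayed:", server_verify(line, "<1897.697170999@dbc.mtview.ca.us>", users))
```

Because the digest depends on a timestamp the server chooses for each connection, a sniffed APOP line is useless on any later connection, which is the replay protection described above.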
What Email Clients Support APOP?
APOP is increasingly supported by popular email programs. Client programs that have APOP support include Mozilla Thunderbird, Opera Mail, KMail, Eudora, RimArts, Windows Live Mail, Mutt, and PowerMail.
POP4 Protocol Specification
The POP4 specification is an extension of POP3 with other add-ons, including multi-part message support, message flag management, IMAP features, and APOP support. Although the POP4 specification addresses all of the POP3 specification’s known shortfalls, it has grown unpopular with the industry because it incorporates supporting extensions in the definition, and it remains unapproved.