CRAM-MD5 is a secure log-in method used by some mail clients to encrypt user credentials during SMTP requests. In recent years it has been largely replaced by technologies like SSL or TLS, which encrypt the entire mail connection - not just the log-in request.
As a result of security enhancements in our user management systems, as of June 16, 2013, our Rackspace Email and Microsoft Exchange platforms no longer support CRAM-MD5 SMTP connections. Our testing shows that most mail clients handle this change gracefully. However, Apple Mail, Thunderbird, Windows 8 Mail, and possibly some iPhone users will be unable to send messages until they update their settings. These mail clients will still be able to receive and access email.
Please see the articles linked below for more information on how to update each of these mail clients to stop using CRAM-MD5. Also, please take this opportunity to encourage your users to make sure their mail client is configured to use SSL so their personal information is as secure as possible.
While this change is inconvenient, we believe the long-term gains in user security make it absolutely necessary.
Which mail client are you using?
© 2011-2013 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License