We hope you're doing well today. As part of our commitment to provide the best infrastructure for your services, we are notifying you of the following changes affecting your accounts on worldhostingcorp.com. Please read the following details carefully as action may be required on your end:
Security Changes - Disable Plaintext Authentication
July 1st, 2016
Reason for Change:
Plaintext authentication (sending passwords to the server in plain text) poses a serious security concern for accounts on our shared services. There is an elevated risk for passwords to be compromised, which can lead to infiltration of your email and web hosting account(s) as passwords sent via this method are not protected with encryption. If someone were to intercept the password, it could potentially be used for nefarious purposes.
Effective Service Change:
We will be taking proactive measures to prevent the possibility of compromised passwords. To do this we will be disabling plaintext authentication on all shared and reseller servers.
** Action Required **
In order to prevent any service interruption when plaintext authentication is disabled, you will need to ensure that all email clients connecting to the server are utilizing TLS encryption for passwords by the effective date listed above. Please be sure to review the article below for further details on switching to TLS authentication.
Currently, our Business and Reseller servers allow plaintext authentication for sending and receiving mail. We will be updating the configuration where this is concerned to make e-mail more secure on the server. We will be making the following changes:
- Receiving e-mail
- The allowing of plaintext authentication for POP3 and IMAP will be disabled.
- Connections to the server on ports 110 and 143 will not be allowed.
- Sending e-mail
- E-mail clients will be required to connect with SSL or issue the STARTTLS command before being allowed to authenticate.
With that said, we recommend the following settings for your e-mail clients (Outlook, Thunderbird, etc.)
Secure SSL/TLS Settings (Recommended)
Username: Your full email address.
Password: Use the email account’s password.
Incoming Server: dime197.dizinc.com
IMAP Port: 993
POP3 Port: 995
Outgoing Server: dime197.dizinc.com
SMTP Port: 465
Authentication is required for IMAP, POP3, and SMTP.
Change existing account in Outlook.
1. Open Outlook.
2. Click the File tab at the top.
3. Click Account Settings.
4. On the Account Settings screen, click Change.
5. On the Change Account screen, click More Settings…
6. On the Internet E-mail Settings screen, click the Advanced tab.
7. If your incoming server is IMAP, make sure the port is 993. If your incoming server is POP3, make sure the port is 995.
8. For Incoming and Outgoing set the type of encrypted connection to TLS by selecting that option in the drop down menu.
8a. Certain versions of Outlook are not compatible with the TLS encryption protocol, using SSL in this case is an acceptable alternative.
**If You are Already Using Secure Authentication **
No changes are necessary on your end.
All shared and reseller clients.
We understand the importance of keeping your sites and services online, and our team is taking necessary preparatory steps to mitigate service interruptions and ensure our clients are ready for this change. In order to prevent any service interruption when this change takes effect, you will need to ensure that all email clients are utilizing TLS authentication per the instructions provided above.
Thank you so much for taking the time to review this notice. If you have any questions or concerns about this scheduled change, please don't hesitate to contact our staff for more details.
Wednesday, June 1, 2016