Storing IMAP mail account password on App servers

Discussion in 'iOS 10' started by uandme72, Mar 12, 2017.

  1. uandme72 macrumors 6502a

    Mar 2, 2015
    Do the third party mail Apps like the Outlook App or some other App store password and mail content on their own servers also.
    I am told that the third party apps like Outlook are not allowed background refresh by iOS. This forces them to fetch IMAP mails remotely to their own servers which in turn sends push notifications to the iPhone.
    This mechanism is breach of privacy/ security.
    The native mail App of iOS is perhaps the only App which can background refresh and fetch mails directly from mail servers to the iOS device, and send notifications for new mail received in any folder on the server configured as favorite, without storing the password on Apple servers.
    Someone may please correct me.
  2. jr866gooner macrumors 65816


    Aug 24, 2013
    I made the very same enquiry to blue mail ( I happen to use type app which is made by the same firm) and at the time I was using blue mail, they said they don't store credentials. I'm sure I had that in an email which I'll have to take a look around for that very message.
  3. uandme72, Mar 12, 2017
    Last edited: Mar 12, 2017

    uandme72 thread starter macrumors 6502a

    Mar 2, 2015
    They have to positively store password if they are fetching mails from the IMAP servers to their servers, or are just checking whether any new mail has been received on IMAP servers, so as to be able to send push notifications or the mail itself to the iOS App.
    The reason I am raising the issue is that the IT department at work have policies to secure passwords, mails etc from any third party.
    Sharing these with App servers may land the user into trouble.
  4. slenpree macrumors 6502a


    Apr 13, 2010
    Yes apps like mailbox do that. This is one of the many reasons I prefer the stock mail app.
  5. stulaw11 Suspended

    Jan 25, 2012
    It depends what service you use. Your work servers maybe not the best idea if you have policies.

    Things like Gmail can use OAuth which can authorize the app to access the data without the password being stored on the app's servers (it authorizes it through a google login page and then passes the data to the app from my understanding).

    Using all Gmail/Google Apps accounts I have no worries really in that sense in many of the major brand 3rd party emails apps

Share This Page

4 March 12, 2017