IMAP Unencrypted Cleartext Logins

Summary
The remote host is running an IMAP daemon that allows cleartext logins over unencrypted connections. An attacker can uncover user names and passwords by sniffing traffic to the IMAP daemon if a less secure authentication mechanism (eg, LOGIN command, AUTH=PLAIN, AUTH=LOGIN) is used.
Solution
Contact your vendor for a fix or encrypt traffic with SSL / TLS using stunnel.
References