Re: Secure pop?

[Brian Somers <brian@Awfulhak.org>]

> 
> On 10 Sep 99, at 11:59, Aaron Jackson wrote:
> > I'm in the processes of setting up a mail server (OpenBSD) for my office.
> > After I showed the people in charge how easy it is to get passwords, they
> > want to stay away from pop. However, they still want to use outlook express
> > and netscape to read their email.  Is there a way to make popd communicate
> > through a secure channel (or even imapd for that matter)?  I see some
> > commercial products have this capability, but it is a much easier sell if
> > the cost is low.  Thanks for any info.
> 
> Try setting up your pop clients and server to use APOP. It does not 
> send passwords in the clear. I am using it with an exim server and 
> pegasus clients. I think outlook can do APOP, but I'm not entirely 
> sure.

It can't.  The only way I know of is to port-forward 110 using ssh, 
but actually giving the user a password (in master.passwd) is bad 
news in my book :-( 

> --
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> Rick Ballard		Phone   : 902-481-4548
> xwave solutions		Fax     : 902-468-3679
> Halifax,Nova Scotia	Email   : RichardBallard@xwavesolutions.com
> Canada			Timezone: Atlantic AST(GMT-4)/ADT(GMT-3)
> 

-- 
Brian <brian@Awfulhak.org>                        <brian@FreeBSD.org>
      <http://www.Awfulhak.org>                   <brian@OpenBSD.org>
Don't _EVER_ lose your sense of humour !          <brian@FreeBSD.org.uk>