[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Secure pop?
If tunneling is an option, I would suggest to use STUNNEL (see
http://mike.daewoo.com.pl/computer/stunnel/). It allows you to set
up an SSL-tunnel, provides code for two ends, and there is a pre-
compiled version for windows.
If you understand Italian, you can see this
http://security.fi.infn.it/tools/stunnel/ on how to use it with POP
Hope that it helps,
Data Network Consultant
> > On 10 Sep 99, at 11:59, Aaron Jackson wrote:
> > > I'm in the processes of setting up a mail server (OpenBSD) for my office.
> > > After I showed the people in charge how easy it is to get passwords, they
> > > want to stay away from pop. However, they still want to use outlook express
> > > and netscape to read their email. Is there a way to make popd communicate
> > > through a secure channel (or even imapd for that matter)? I see some
> > > commercial products have this capability, but it is a much easier sell if
> > > the cost is low. Thanks for any info.
> > Try setting up your pop clients and server to use APOP. It does not
> > send passwords in the clear. I am using it with an exim server and
> > pegasus clients. I think outlook can do APOP, but I'm not entirely
> > sure.
> It can't. The only way I know of is to port-forward 110 using ssh,
> but actually giving the user a password (in master.passwd) is bad
> news in my book :-(
> > --
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> > Rick Ballard Phone : 902-481-4548
> > xwave solutions Fax : 902-468-3679
> > Halifax,Nova Scotia Email : RichardBallard@xwavesolutions.com
> > Canada Timezone: Atlantic AST(GMT-4)/ADT(GMT-3)
> Brian <brian@Awfulhak.org> <brian@FreeBSD.org>
> <http://www.Awfulhak.org> <brian@OpenBSD.org>
> Don't _EVER_ lose your sense of humour ! <brian@FreeBSD.org.uk>