[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure pop?



If tunneling is an option, I would suggest to use STUNNEL (see 
http://mike.daewoo.com.pl/computer/stunnel/).  It allows you to set 
up an SSL-tunnel, provides code for two ends, and there is a pre-
compiled version for windows.

If you understand Italian, you can see this 
http://security.fi.infn.it/tools/stunnel/ on how to use it with POP 

Hope that it helps,

Regards,
Alejandro Rusell
Data Network Consultant

> > 
> > On 10 Sep 99, at 11:59, Aaron Jackson wrote:
> > > I'm in the processes of setting up a mail server (OpenBSD) for my office.
> > > After I showed the people in charge how easy it is to get passwords, they
> > > want to stay away from pop. However, they still want to use outlook express
> > > and netscape to read their email.  Is there a way to make popd communicate
> > > through a secure channel (or even imapd for that matter)?  I see some
> > > commercial products have this capability, but it is a much easier sell if
> > > the cost is low.  Thanks for any info.
> > 
> > Try setting up your pop clients and server to use APOP. It does not 
> > send passwords in the clear. I am using it with an exim server and 
> > pegasus clients. I think outlook can do APOP, but I'm not entirely 
> > sure.
> 
> It can't.  The only way I know of is to port-forward 110 using ssh, 
> but actually giving the user a password (in master.passwd) is bad 
> news in my book :-( 
> 
> > --
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> > Rick Ballard		Phone   : 902-481-4548
> > xwave solutions		Fax     : 902-468-3679
> > Halifax,Nova Scotia	Email   : RichardBallard@xwavesolutions.com
> > Canada			Timezone: Atlantic AST(GMT-4)/ADT(GMT-3)
> > 
> 
> -- 
> Brian <brian@Awfulhak.org>                        <brian@FreeBSD.org>
>       <http://www.Awfulhak.org>                   <brian@OpenBSD.org>
> Don't _EVER_ lose your sense of humour !          <brian@FreeBSD.org.uk>
> 
> 
>