[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: popa3d question
- From: Didier Wiroth <didier_(_dot_)_wiroth_(_at_)_mcesr_(_dot_)_etat_(_dot_)_lu>
- Date: Mon, 25 Oct 2004 14:13:05 +0200
- Thread-index: AcS6i/tnuOxALufoTQeF8+hETCR9Ow==
I'm setting up my 1st test mail server where server are on standard network
connected to the internet and the clients are dial-up clients coming from
Clients will send mail via the server with starttls certificate
authentication to be able to relay their mails.
Now I would like to setup a secure pop3 service, at least authentication
should be secure and simple for the user. I was reading "secure
architectures with openbsd" and I'm not sure I did understand that
Here is the part from the book:
chapter 17.7 pop server administration
"The popa3d daemon provides POP3 services for native OpenBSD systems. It is
a secure implementation of the POP3 protocol, which itself is insecure. Both
the authentication credentials (username and password) and the mail messages
are transferred between the server and client in plain text".
What do they mean with "It is a secure implementation", as the phrase right
after this, says, everything is in clear text (see the phrase: Both the
authentication credentials ...are transferred... in plain text)?
I have two other questions:
1) What is the best method to encrypt "only" the pop3 credentials (only the
username and password should be encrypted, the mails should not)?
2) What is the best way to encrypt pop3 credentials and data?