[svlug] Re: [lsec] Secure POP3 installation (fwd)
alvin at planet.fef.com
Wed Aug 8 17:07:01 PDT 2001
> hi ya eric
> to get secure pop3 email...you only need a secure pop3
> server ...
> many different ways to do it... some works..
> ohters wont... problem is complicated with changing
> MS clients that might decide to automatically update itself
> that breaks its secure pop3 clients ( SSL-enabled )
> the insecure part is "passwd" needed to read emails..
> you need to be able to trust traffic on your network for
> http, smtp, ftp, etc..etc.. so you dont need to worry about smtp traffic
> - get rid of MS clients and that simplifies your secure pop3 problem
> - look at ssl, stunnel, etc
> - if security is an issue...
> - put insecure stuff on one box... ( pop3, imap, ftp, telnet, ppp)
> ( leave that box alone in its own lan...
> how secure you want stuff would depend on what would happen if your local
> script kiddie erased all your data....what would the consequences be...
> c ya
> On Wed, 8 Aug 2001, Eric Pretorious wrote:
> > I've just completed installing a web-based mail application only to discover
> > that it requires access to a POP3 server to retrieve incoming mail from a
> > "catchall" account on my SMTP server.
> > Are there any "safe/secure" POP3 servers currently available or should I
> > migrate my SMTP service to a completely separate box and update the MX
> > record in my DNS zone. i.e., create a dedicated SMTP/POP host. The only
> > catch to establishing a dedicated SMTP/POP server would be my Mailman
> > installation: Mailman requires an NFS connection between physically separate
> > WWW and SMTP servers. (Currently, all my services are housed on the same
> > box.) I suppose that I could just set-up an additional apache server
> > (mailman.mydomain.com) to handle the HTML archives for Mailman, but that
> > just seems way too redundant...
More information about the svlug